archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
php-src/sapi/cgi
History
Exact
Niels Dossche 88315f263d
Fix GHSA-3qgc-jrrr-25jv 
The original code is error-prone due to the "best fit mapping" that
happens with the argument parsing but not with the query string.
When we get a non-ASCII character, try to remap it and see if it becomes
a hyphen.

An alternative approach is to create a custom main `wmain` receiving
wide-character variations that does the ANSI transformation with the
best-fit mapping, but that's more error-prone and could cause unexpected
breakage.

Another alternative was just don't doing this check altogether and
always check for `cgi || fastcgi` instead, but that breaks real-world
use-cases.
2024-06-04 08:58:51 -04:00
..
tests Fix GHSA-3qgc-jrrr-25jv 2024-06-04 08:58:51 -04:00
cgi_main.c Fix GHSA-3qgc-jrrr-25jv 2024-06-04 08:58:51 -04:00
cgi_main.stub.php Enable class entry generation for sapi extensions 2021-02-14 12:03:48 +01:00
cgi_main_arginfo.h Improve class entry generation 2021-02-16 13:09:56 +01:00
config.w32 Remove unused Git attributes ident 2018-07-25 00:53:25 +02:00
config9.m4 Set libtool tag per command instead of global one 2024-01-10 09:09:45 +01:00
CREDITS
Makefile.frag Sync leading and final newlines in source code files 2018-10-14 12:56:38 +02:00
php-cgi.1.in Fixed Bug #65143 Missing php-cgi man page 2013-07-02 10:42:47 +02:00
php.sym