--- embedaddon/php/main/rfc1867.c 2012/02/21 23:48:05 1.1.1.1 +++ embedaddon/php/main/rfc1867.c 2012/05/29 12:34:35 1.1.1.2 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: rfc1867.c,v 1.1.1.1 2012/02/21 23:48:05 misho Exp $ */ +/* $Id: rfc1867.c,v 1.1.1.2 2012/05/29 12:34:35 misho Exp $ */ /* * This product includes software developed by the Apache Group @@ -36,93 +36,25 @@ #define DEBUG_FILE_UPLOAD ZEND_DEBUG -PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; - -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) -#include "ext/mbstring/mbstring.h" - -static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC); - -#define SAFE_RETURN { \ - php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \ - if (lbuf) efree(lbuf); \ - if (abuf) efree(abuf); \ - if (array_index) efree(array_index); \ - zend_hash_destroy(&PG(rfc1867_protected_variables)); \ - zend_llist_destroy(&header); \ - if (mbuff->boundary_next) efree(mbuff->boundary_next); \ - if (mbuff->boundary) efree(mbuff->boundary); \ - if (mbuff->buffer) efree(mbuff->buffer); \ - if (mbuff) efree(mbuff); \ - return; } - -void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr TSRMLS_DC) /* {{{ */ +static int dummy_encoding_translation(TSRMLS_D) { - int i; - if (php_mb_encoding_translation(TSRMLS_C)) { - if (num_vars > 0 && - php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) { - php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC); - } - for (i = 0; i= *num_vars_max) { - php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max, 16 TSRMLS_CC); - /* in case realloc relocated the buffer */ - val_list = *pval_list; - len_list = *plen_list; - } +PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; - val_list[*num_vars] = (char *)estrdup(param); - len_list[*num_vars] = strlen(param); - (*num_vars)++; - val_list[*num_vars] = (char *)estrdup(value); - len_list[*num_vars] = strlen(value); - (*num_vars)++; -} -/* }}} */ +static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC); -#else - -#define SAFE_RETURN { \ - if (lbuf) efree(lbuf); \ - if (abuf) efree(abuf); \ - if (array_index) efree(array_index); \ - zend_hash_destroy(&PG(rfc1867_protected_variables)); \ - zend_llist_destroy(&header); \ - if (mbuff->boundary_next) efree(mbuff->boundary_next); \ - if (mbuff->boundary) efree(mbuff->boundary); \ - if (mbuff->buffer) efree(mbuff->buffer); \ - if (mbuff) efree(mbuff); \ - return; } -#endif - /* The longest property name we use in an uploaded file array */ #define MAX_SIZE_OF_INDEX sizeof("[tmp_name]") @@ -139,7 +71,7 @@ void php_mb_gpc_stack_variable(char *param, char *valu #define UPLOAD_ERROR_F 7 /* Failed to write file to disk */ #define UPLOAD_ERROR_X 8 /* File upload stopped by extension */ -void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */ +void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */ { REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_OK", UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT); REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_INI_SIZE", UPLOAD_ERROR_A, CONST_CS | CONST_PERSISTENT); @@ -208,16 +140,16 @@ static void normalize_protected_variable(char *varname } *s = '\0'; } -/* }}} */ +/* }}} */ -static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */ +static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */ { int dummy = 1; normalize_protected_variable(varname TSRMLS_CC); zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL); } -/* }}} */ +/* }}} */ static zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */ { @@ -226,41 +158,33 @@ static zend_bool is_protected_variable(char *varname T } /* }}} */ -static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ +static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ { if (override_protection || !is_protected_variable(var TSRMLS_CC)) { php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC); } } -/* }}} */ +/* }}} */ -static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ +static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */ { if (override_protection || !is_protected_variable(var TSRMLS_CC)) { php_register_variable_ex(var, val, track_vars_array TSRMLS_CC); } } -/* }}} */ +/* }}} */ -static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ +static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } -/* }}} */ +/* }}} */ static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */ { - int register_globals = PG(register_globals); - - PG(register_globals) = 0; safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); - PG(register_globals) = register_globals; } -/* }}} */ +/* }}} */ static int unlink_filename(char **filename TSRMLS_DC) /* {{{ */ { @@ -277,7 +201,7 @@ void destroy_uploaded_files_hash(TSRMLS_D) /* {{{ */ } /* }}} */ -/* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */ +/* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */ #define FILLUNIT (1024 * 5) @@ -294,6 +218,9 @@ typedef struct { char *boundary_next; int boundary_next_len; + const zend_encoding *input_encoding; + const zend_encoding **detect_order; + size_t detect_order_size; } multipart_buffer; typedef struct { @@ -351,7 +278,7 @@ static int multipart_buffer_eof(multipart_buffer *self } /* create new multipart_buffer structure */ -static multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len) +static multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len TSRMLS_DC) { multipart_buffer *self = (multipart_buffer *) ecalloc(1, sizeof(multipart_buffer)); @@ -368,6 +295,15 @@ static multipart_buffer *multipart_buffer_new(char *bo self->buf_begin = self->buffer; self->bytes_in_buffer = 0; + if (php_rfc1867_encoding_translation(TSRMLS_C)) { + php_rfc1867_get_detect_order(&self->detect_order, &self->detect_order_size TSRMLS_CC); + } else { + self->detect_order = NULL; + self->detect_order_size = 0; + } + + self->input_encoding = NULL; + return self; } @@ -478,6 +414,10 @@ static int multipart_buffer_headers(multipart_buffer * char *key = line; char *value = NULL; + if (php_rfc1867_encoding_translation(TSRMLS_C)) { + self->input_encoding = zend_multibyte_encoding_detector(line, strlen(line), self->detect_order, self->detect_order_size TSRMLS_CC); + } + /* space in the beginning means same header */ if (!isspace(line[0])) { value = strchr(line, ':'); @@ -533,7 +473,7 @@ static char *php_mime_get_hdr_value(zend_llist header, return NULL; } -static char *php_ap_getword(char **line, char stop) +static char *php_ap_getword(const zend_encoding *encoding, char **line, char stop TSRMLS_DC) { char *pos = *line, quote; char *res; @@ -569,29 +509,17 @@ static char *php_ap_getword(char **line, char stop) return res; } -static char *substring_conf(char *start, int len, char quote TSRMLS_DC) +static char *substring_conf(char *start, int len, char quote) { - char *result = emalloc(len + 2); + char *result = emalloc(len + 1); char *resp = result; int i; - for (i = 0; i < len; ++i) { + for (i = 0; i < len && start[i] != quote; ++i) { if (start[i] == '\\' && (start[i + 1] == '\\' || (quote && start[i + 1] == quote))) { *resp++ = start[++i]; } else { -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - if (php_mb_encoding_translation(TSRMLS_C)) { - size_t j = php_mb_gpc_mbchar_bytes(start+i TSRMLS_CC); - while (j-- > 0 && i < len) { - *resp++ = start[i++]; - } - --i; - } else { - *resp++ = start[i]; - } -#else *resp++ = start[i]; -#endif } } @@ -599,65 +527,49 @@ static char *substring_conf(char *start, int len, char return result; } -static char *php_ap_getword_conf(char **line TSRMLS_DC) +static char *php_ap_getword_conf(const zend_encoding *encoding, char *str TSRMLS_DC) { - char *str = *line, *strend, *res, quote; - -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - if (php_mb_encoding_translation(TSRMLS_C)) { - int len=strlen(str); - php_mb_gpc_encoding_detector(&str, &len, 1, NULL TSRMLS_CC); - } -#endif - while (*str && isspace(*str)) { ++str; } if (!*str) { - *line = str; return estrdup(""); } - if ((quote = *str) == '"' || quote == '\'') { - strend = str + 1; -look_for_quote: - while (*strend && *strend != quote) { - if (*strend == '\\' && strend[1] && strend[1] == quote) { - strend += 2; - } else { - ++strend; - } - } - if (*strend && *strend == quote) { - char p = *(strend + 1); - if (p != '\r' && p != '\n' && p != '\0') { - strend++; - goto look_for_quote; - } - } + if (*str == '"' || *str == '\'') { + char quote = *str; - res = substring_conf(str + 1, strend - str - 1, quote TSRMLS_CC); - - if (*strend == quote) { - ++strend; - } - + str++; + return substring_conf(str, strlen(str), quote); } else { + char *strend = str; - strend = str; while (*strend && !isspace(*strend)) { ++strend; } - res = substring_conf(str, strend - str, 0 TSRMLS_CC); + return substring_conf(str, strend - str, 0); } +} - while (*strend && isspace(*strend)) { - ++strend; - } +static char *php_ap_basename(const zend_encoding *encoding, char *path TSRMLS_DC) +{ + char *s = strrchr(path, '\\'); + char *s2 = strrchr(path, '/'); - *line = strend; - return res; + if (s && s2) { + if (s > s2) { + ++s; + } else { + s = ++s2; + } + return s; + } else if (s) { + return ++s; + } else if (s2) { + return ++s2; + } + return path; } /* @@ -760,7 +672,7 @@ static char *multipart_buffer_read_body(multipart_buff * */ -SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ +SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ { char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; char *temp_filename = NULL, *lbuf = NULL, *abuf = NULL; @@ -768,18 +680,29 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) int max_file_size = 0, skip_upload = 0, anonindex = 0, is_anonymous; zval *http_post_files = NULL; HashTable *uploaded_files = NULL; -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; - char **val_list = NULL; -#endif multipart_buffer *mbuff; zval *array_ptr = (zval *) arg; int fd = -1; zend_llist header; void *event_extra_data = NULL; - int llen = 0; + unsigned int llen = 0; int upload_cnt = INI_INT("max_file_uploads"); + const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding(TSRMLS_C); + php_rfc1867_getword_t getword; + php_rfc1867_getword_conf_t getword_conf; + php_rfc1867_basename_t _basename; + long count = 0; + if (php_rfc1867_encoding_translation(TSRMLS_C) && internal_encoding) { + getword = php_rfc1867_getword; + getword_conf = php_rfc1867_getword_conf; + _basename = php_rfc1867_basename; + } else { + getword = php_ap_getword; + getword_conf = php_ap_getword_conf; + _basename = php_ap_basename; + } + if (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) { sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size)); return; @@ -824,7 +747,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) } /* Initialize the buffer */ - if (!(mbuff = multipart_buffer_new(boundary, boundary_len))) { + if (!(mbuff = multipart_buffer_new(boundary, boundary_len TSRMLS_CC))) { sapi_module.sapi_error(E_WARNING, "Unable to initialize the input buffer"); return; } @@ -841,12 +764,6 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) INIT_PZVAL(http_post_files); PG(http_globals)[TRACK_VARS_FILES] = http_post_files; -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - if (php_mb_encoding_translation(TSRMLS_C)) { - val_list = (char **)ecalloc(num_vars_max+2, sizeof(char *)); - len_list = (int *)ecalloc(num_vars_max+2, sizeof(int)); - } -#endif zend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0); if (php_rfc1867_callback != NULL) { @@ -879,7 +796,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) ++cd; } - while (*cd && (pair = php_ap_getword(&cd, ';'))) + while (*cd && (pair = getword(mbuff->input_encoding, &cd, ';' TSRMLS_CC))) { char *key = NULL, *word = pair; @@ -888,18 +805,34 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) } if (strchr(pair, '=')) { - key = php_ap_getword(&pair, '='); + key = getword(mbuff->input_encoding, &pair, '=' TSRMLS_CC); if (!strcasecmp(key, "name")) { if (param) { efree(param); } - param = php_ap_getword_conf(&pair TSRMLS_CC); + param = getword_conf(mbuff->input_encoding, pair TSRMLS_CC); + if (mbuff->input_encoding && internal_encoding) { + unsigned char *new_param; + size_t new_param_len; + if ((size_t)-1 != zend_multibyte_encoding_converter(&new_param, &new_param_len, (unsigned char *)param, strlen(param), internal_encoding, mbuff->input_encoding TSRMLS_CC)) { + efree(param); + param = (char *)new_param; + } + } } else if (!strcasecmp(key, "filename")) { if (filename) { efree(filename); } - filename = php_ap_getword_conf(&pair TSRMLS_CC); + filename = getword_conf(mbuff->input_encoding, pair TSRMLS_CC); + if (mbuff->input_encoding && internal_encoding) { + unsigned char *new_filename; + size_t new_filename_len; + if ((size_t)-1 != zend_multibyte_encoding_converter(&new_filename, &new_filename_len, (unsigned char *)filename, strlen(filename), internal_encoding, mbuff->input_encoding TSRMLS_CC)) { + efree(filename); + filename = (char *)new_filename; + } + } } } if (key) { @@ -916,9 +849,20 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) if (!value) { value = estrdup(""); + value_len = 0; } - if (sapi_module.input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC)) { + if (mbuff->input_encoding && internal_encoding) { + unsigned char *new_value; + size_t new_value_len; + if ((size_t)-1 != zend_multibyte_encoding_converter(&new_value, &new_value_len, (unsigned char *)value, value_len, internal_encoding, mbuff->input_encoding TSRMLS_CC)) { + efree(value); + value = (char *)new_value; + value_len = new_value_len; + } + } + + if (++count <= PG(max_input_vars) && sapi_module.input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC)) { if (php_rfc1867_callback != NULL) { multipart_event_formdata event_formdata; size_t newlength = new_val_len; @@ -935,25 +879,22 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) } new_val_len = newlength; } - -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - if (php_mb_encoding_translation(TSRMLS_C)) { - php_mb_gpc_stack_variable(param, value, &val_list, &len_list, &num_vars, &num_vars_max TSRMLS_CC); - } else { - safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); - } -#else safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); -#endif - } else if (php_rfc1867_callback != NULL) { - multipart_event_formdata event_formdata; + } else { + if (count == PG(max_input_vars) + 1) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars)); + } + + if (php_rfc1867_callback != NULL) { + multipart_event_formdata event_formdata; - event_formdata.post_bytes_processed = SG(read_post_bytes); - event_formdata.name = param; - event_formdata.value = &value; - event_formdata.length = value_len; - event_formdata.newlength = NULL; - php_rfc1867_callback(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC); + event_formdata.post_bytes_processed = SG(read_post_bytes); + event_formdata.name = param; + event_formdata.value = &value; + event_formdata.length = value_len; + event_formdata.newlength = NULL; + php_rfc1867_callback(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC); + } } if (!strcasecmp(param, "MAX_FILE_SIZE")) { @@ -1008,6 +949,10 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) } tmp++; } + /* Brackets should always be closed */ + if(c != 0) { + skip_upload = 1; + } } total_bytes = cancel_upload = 0; @@ -1043,7 +988,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) offset = 0; end = 0; - + if (!cancel_upload) { /* only bother to open temp file if we have data */ blen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC); @@ -1078,12 +1023,12 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) } } - if (PG(upload_max_filesize) > 0 && (total_bytes+blen) > PG(upload_max_filesize)) { + if (PG(upload_max_filesize) > 0 && (long)(total_bytes+blen) > PG(upload_max_filesize)) { #if DEBUG_FILE_UPLOAD sapi_module.sapi_error(E_NOTICE, "upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved", PG(upload_max_filesize), param, filename); #endif cancel_upload = UPLOAD_ERROR_A; - } else if (max_file_size && ((total_bytes+blen) > max_file_size)) { + } else if (max_file_size && ((long)(total_bytes+blen) > max_file_size)) { #if DEBUG_FILE_UPLOAD sapi_module.sapi_error(E_NOTICE, "MAX_FILE_SIZE of %ld bytes exceeded - file [%s=%s] not saved", max_file_size, param, filename); #endif @@ -1179,56 +1124,18 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) snprintf(lbuf, llen, "%s_name", param); } -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) - if (php_mb_encoding_translation(TSRMLS_C)) { - if (num_vars >= num_vars_max) { - php_mb_gpc_realloc_buffer(&val_list, &len_list, &num_vars_max, 1 TSRMLS_CC); - } - val_list[num_vars] = filename; - len_list[num_vars] = strlen(filename); - num_vars++; - if (php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) { - str_len = strlen(filename); - php_mb_gpc_encoding_converter(&filename, &str_len, 1, NULL, NULL TSRMLS_CC); - } - s = php_mb_strrchr(filename, '\\' TSRMLS_CC); - if ((tmp = php_mb_strrchr(filename, '/' TSRMLS_CC)) > s) { - s = tmp; - } - num_vars--; - goto filedone; - } -#endif /* The \ check should technically be needed for win32 systems only where * it is a valid path separator. However, IE in all it's wisdom always sends * the full path of the file on the user's filesystem, which means that unless * the user does basename() they get a bogus file name. Until IE's user base drops * to nill or problem is fixed this code must remain enabled for all systems. */ - s = strrchr(filename, '\\'); - if ((tmp = strrchr(filename, '/')) > s) { - s = tmp; + s = _basename(internal_encoding, filename TSRMLS_CC); + if (!s) { + s = filename; } -#ifdef PHP_WIN32 - if (PG(magic_quotes_gpc)) { - if ((tmp = strrchr(s ? s : filename, '\'')) > s) { - s = tmp; - } - if ((tmp = strrchr(s ? s : filename, '"')) > s) { - s = tmp; - } - } -#endif -#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) -filedone: -#endif - if (!is_anonymous) { - if (s && s >= filename) { - safe_php_register_variable(lbuf, s+1, strlen(s+1), NULL, 0 TSRMLS_CC); - } else { - safe_php_register_variable(lbuf, filename, strlen(filename), NULL, 0 TSRMLS_CC); - } + safe_php_register_variable(lbuf, s, strlen(s), NULL, 0 TSRMLS_CC); } /* Add $foo[name] */ @@ -1237,11 +1144,7 @@ filedone: } else { snprintf(lbuf, llen, "%s[name]", param); } - if (s && s >= filename) { - register_http_post_files_variable(lbuf, s+1, http_post_files, 0 TSRMLS_CC); - } else { - register_http_post_files_variable(lbuf, filename, http_post_files, 0 TSRMLS_CC); - } + register_http_post_files_variable(lbuf, s, http_post_files, 0 TSRMLS_CC); efree(filename); s = NULL; @@ -1281,7 +1184,7 @@ filedone: s = ""; { - /* store temp_filename as-is (without magic_quotes_gpc-ing it, in case upload_tmp_dir + /* store temp_filename as-is (in case upload_tmp_dir * contains escapeable characters. escape only the variable name.) */ zval zfilename; @@ -1357,7 +1260,32 @@ fileupload_done: php_rfc1867_callback(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC); } - SAFE_RETURN; + if (lbuf) efree(lbuf); + if (abuf) efree(abuf); + if (array_index) efree(array_index); + zend_hash_destroy(&PG(rfc1867_protected_variables)); + zend_llist_destroy(&header); + if (mbuff->boundary_next) efree(mbuff->boundary_next); + if (mbuff->boundary) efree(mbuff->boundary); + if (mbuff->buffer) efree(mbuff->buffer); + if (mbuff) efree(mbuff); +} +/* }}} */ + +SAPI_API void php_rfc1867_set_multibyte_callbacks( + php_rfc1867_encoding_translation_t encoding_translation, + php_rfc1867_get_detect_order_t get_detect_order, + php_rfc1867_set_input_encoding_t set_input_encoding, + php_rfc1867_getword_t getword, + php_rfc1867_getword_conf_t getword_conf, + php_rfc1867_basename_t basename) /* {{{ */ +{ + php_rfc1867_encoding_translation = encoding_translation; + php_rfc1867_get_detect_order = get_detect_order; + php_rfc1867_set_input_encoding = set_input_encoding; + php_rfc1867_getword = getword; + php_rfc1867_getword_conf = getword_conf; + php_rfc1867_basename = basename; } /* }}} */