File php-5.3.5-CVE-2012-0831.patch of Package php5

http://svn.php.net/viewvc?view=revision&revision=323016
Index: main/php_variables.c
===================================================================
--- main/php_variables.c.orig
+++ main/php_variables.c
@@ -452,7 +452,10 @@ void _php_import_environment_variables(z
 
 	/* turn off magic_quotes while importing environment variables */
 	int magic_quotes_gpc = PG(magic_quotes_gpc);
-	PG(magic_quotes_gpc) = 0;
+
+	if (PG(magic_quotes_gpc)) {
+		zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+	}
 
 	for (env = environ; env != NULL && *env != NULL; env++) {
 		p = strchr(*env, '=');
@@ -595,7 +598,9 @@ static inline void php_register_server_v
 		zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_SERVER]);
 	}
 	PG(http_globals)[TRACK_VARS_SERVER] = array_ptr;
-	PG(magic_quotes_gpc) = 0;
+	if (PG(magic_quotes_gpc)) {
+		zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+	}
 
 	/* Server variables */
 	if (sapi_module.register_server_variables) {
Index: sapi/cgi/cgi_main.c
===================================================================
--- sapi/cgi/cgi_main.c.orig
+++ sapi/cgi/cgi_main.c
@@ -624,7 +624,9 @@ void cgi_php_import_environment_variable
 		int filter_arg = (array_ptr == PG(http_globals)[TRACK_VARS_ENV])?PARSE_ENV:PARSE_SERVER;
 
 		/* turn off magic_quotes while importing environment variables */
-		PG(magic_quotes_gpc) = 0;
+		if (PG(magic_quotes_gpc)) {
+			zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+		}
 		for (zend_hash_internal_pointer_reset_ex(request->env, &pos);
 			zend_hash_get_current_key_ex(request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
 			zend_hash_get_current_data_ex(request->env, (void **) &val, &pos) == SUCCESS;
Index: sapi/fpm/fpm/fpm_main.c
===================================================================
--- sapi/fpm/fpm/fpm_main.c.orig
+++ sapi/fpm/fpm/fpm_main.c
@@ -641,7 +641,9 @@ void cgi_php_import_environment_variable
 		int filter_arg = (array_ptr == PG(http_globals)[TRACK_VARS_ENV])?PARSE_ENV:PARSE_SERVER;
 
 		/* turn off magic_quotes while importing environment variables */
-		PG(magic_quotes_gpc) = 0;
+	       if (PG(magic_quotes_gpc)) {
+        	       zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+       		}
 		for (zend_hash_internal_pointer_reset_ex(request->env, &pos);
 			zend_hash_get_current_key_ex(request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
 			zend_hash_get_current_data_ex(request->env, (void **) &val, &pos) == SUCCESS;
openSUSE Build Service is sponsored by