1 files changed, 1 insertions, 1 deletions
diff --git a/ufilter.c b/ufilter.c
index 6464ce6..10102aa 100644
--- a/ufilter.c
+++ b/ufilter.c
@@ -133,7 +133,7 @@ static int check_fileupload_varname(char *varname)
        
        /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
        /* This is to protect several silly scripts that do globalizing themself */
-        if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE) {
+        if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE || suhosin_is_protected_varname(var, var_len)) {
                suhosin_log(S_FILES, "tried to register forbidden variable '%s' through FILE variables", var);
                if (!SUHOSIN_G(simulation)) {
                        goto return_failure;

diff --git a/ufilter.c b/ufilter.c index 6464ce6..10102aa 100644 --- a/ufilter.c +++ b/ufilter.c
@@ -133,7 +133,7 @@ static int check_fileupload_varname(char *varname)
133		133
134	/* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */	134	/* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
135	/* This is to protect several silly scripts that do globalizing themself */	135	/* This is to protect several silly scripts that do globalizing themself */
136	if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE) {	136	if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE \|\| suhosin_is_protected_varname(var, var_len)) {
137	suhosin_log(S_FILES, "tried to register forbidden variable '%s' through FILE variables", var);	137	suhosin_log(S_FILES, "tried to register forbidden variable '%s' through FILE variables", var);
138	if (!SUHOSIN_G(simulation)) {	138	if (!SUHOSIN_G(simulation)) {
139	goto return_failure;	139	goto return_failure;