diff options
Diffstat (limited to 'header.c')
| -rw-r--r-- | header.c | 13 |
1 files changed, 5 insertions, 8 deletions
| @@ -17,9 +17,6 @@ | |||
| 17 | | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | | 17 | | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | |
| 18 | +----------------------------------------------------------------------+ | 18 | +----------------------------------------------------------------------+ |
| 19 | */ | 19 | */ |
| 20 | /* | ||
| 21 | $Id: header.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ | ||
| 22 | */ | ||
| 23 | 20 | ||
| 24 | #ifdef HAVE_CONFIG_H | 21 | #ifdef HAVE_CONFIG_H |
| 25 | #include "config.h" | 22 | #include "config.h" |
| @@ -41,9 +38,9 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o | |||
| 41 | if (op != SAPI_HEADER_ADD && op != SAPI_HEADER_REPLACE) { | 38 | if (op != SAPI_HEADER_ADD && op != SAPI_HEADER_REPLACE) { |
| 42 | goto suhosin_skip_header_handling; | 39 | goto suhosin_skip_header_handling; |
| 43 | } | 40 | } |
| 44 | 41 | ||
| 45 | if (sapi_header && sapi_header->header) { | 42 | if (sapi_header && sapi_header->header) { |
| 46 | 43 | ||
| 47 | char *tmp = sapi_header->header; | 44 | char *tmp = sapi_header->header; |
| 48 | 45 | ||
| 49 | for (int i = 0; i < sapi_header->header_len; i++, tmp++) { | 46 | for (int i = 0; i < sapi_header->header_len; i++, tmp++) { |
| @@ -55,7 +52,7 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o | |||
| 55 | } | 52 | } |
| 56 | if (SUHOSIN7_G(allow_multiheader)) { | 53 | if (SUHOSIN7_G(allow_multiheader)) { |
| 57 | continue; | 54 | continue; |
| 58 | } else if ((tmp[0] == '\r' && (tmp[1] != '\n' || i == 0)) || | 55 | } else if ((tmp[0] == '\r' && (tmp[1] != '\n' || i == 0)) || |
| 59 | (tmp[0] == '\n' && (i == sapi_header->header_len-1 || i == 0 || (tmp[1] != ' ' && tmp[1] != '\t')))) { | 56 | (tmp[0] == '\n' && (i == sapi_header->header_len-1 || i == 0 || (tmp[1] != ' ' && tmp[1] != '\t')))) { |
| 60 | suhosin_log(S_MISC, "%s() - wanted to send multiple HTTP headers at once", suhosin_get_active_function_name()); | 57 | suhosin_log(S_MISC, "%s() - wanted to send multiple HTTP headers at once", suhosin_get_active_function_name()); |
| 61 | if (!SUHOSIN7_G(simulation)) { | 58 | if (!SUHOSIN7_G(simulation)) { |
| @@ -99,8 +96,8 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o | |||
| 99 | } | 96 | } |
| 100 | vlen = end-value; | 97 | vlen = end-value; |
| 101 | 98 | ||
| 102 | zend_string *zs_val = suhosin_encrypt_single_cookie(name, nlen, value, vlen, (char *)cryptkey); | 99 | zend_string *zs_val = suhosin_encrypt_single_cookie(name, nlen, value, vlen, (char *)cryptkey); |
| 103 | 100 | ||
| 104 | len = sizeof("Set-Cookie: ")-1 + nlen + 1 + ZSTR_LEN(zs_val) + rend-end; | 101 | len = sizeof("Set-Cookie: ")-1 + nlen + 1 + ZSTR_LEN(zs_val) + rend-end; |
| 105 | tmp = emalloc(len + 1); | 102 | tmp = emalloc(len + 1); |
| 106 | tlen = sprintf(tmp, "Set-Cookie: %.*s=%s", nlen, name, ZSTR_VAL(zs_val)); | 103 | tlen = sprintf(tmp, "Set-Cookie: %.*s=%s", nlen, name, ZSTR_VAL(zs_val)); |