Prevent user from making nested PHP requests with virtual()

author: Uwe Schindler <thetaphi@php.net> 2003-07-02 13:37:39 +0000
committer: Uwe Schindler <thetaphi@php.net> 2003-07-02 13:37:39 +0000
commit: 62ef1e2857ce987b69984dd9aed91776b92c175d (patch)
tree: b0a164bde5c1b0cbaf31e3a6f7203f36b6899a92 /sapi
parent: 0d03073c89c3c18f7ed71448f186bd65d0b0af2c (diff)
download: php-git-62ef1e2857ce987b69984dd9aed91776b92c175d.tar.gz
1 files changed, 11 insertions, 1 deletions
diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c
index b34c042c1d..480b9b08f4 100644
--- a/sapi/nsapi/nsapi.c
+++ b/sapi/nsapi/nsapi.c
@@ -203,7 +203,7 @@ zend_module_entry nsapi_module_entry = {
 	NULL,
 	NULL,
 	PHP_MINFO(nsapi),
-	"$Id$",
+	"$Revision$",
 	STANDARD_MODULE_PROPERTIES
 };
 /* }}} */
@@ -827,6 +827,15 @@ int NSAPI_PUBLIC php4_execute(pblock *pb, Session *sn, Request *rq)
 
 	TSRMLS_FETCH();
 
+	/* check if this uri was included in an other PHP script with virtual()
+	   by looking for a request context in the current thread */
+	if (SG(server_context)) {
+		/* send 500 internal server error */
+		log_error(LOG_WARN, "php4_execute", sn, rq, "Cannot make nesting PHP requests with virtual()");
+		protocol_status(sn, rq, 500, NULL);
+		return REQ_ABORTED;
+	}
+
 	request_context = (nsapi_request_context *)MALLOC(sizeof(nsapi_request_context));
 	request_context->pb = pb;
 	request_context->sn = sn;
@@ -874,6 +883,7 @@ int NSAPI_PUBLIC php4_execute(pblock *pb, Session *sn, Request *rq)
 	nsapi_free((void*)(SG(request_info).content_type));
 
 	FREE(request_context);
+	SG(server_context) = NULL;
 
 	return retval;
 }
author	Uwe Schindler <thetaphi@php.net>	2003-07-02 13:37:39 +0000
committer	Uwe Schindler <thetaphi@php.net>	2003-07-02 13:37:39 +0000
commit	62ef1e2857ce987b69984dd9aed91776b92c175d (patch)
tree	b0a164bde5c1b0cbaf31e3a6f7203f36b6899a92 /sapi
parent	0d03073c89c3c18f7ed71448f186bd65d0b0af2c (diff)
download	php-git-62ef1e2857ce987b69984dd9aed91776b92c175d.tar.gz