
Commit 94ab37f

Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4: Fixed bug #50308 - session id not appended properly for empty anchor tags
2 parents 0d3d739 + e6ae977 commit 94ab37f


3 files changed

+97
-94
lines changed


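--- a/ext/session/tests/bug50308.phpt
+++ b/ext/session/tests/bug50308.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Bug #50308 (session id not appended properly for empty anchor tags)
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+session.name=PHPSESSID
+session.save_handler=files
+session.use_trans_sid=1
+session.use_only_cookies=0
+--FILE--
+<?php
+@session_start();
+?>
+<a href=""/>
+<a href="" />
+<a href="foo"/>
+<a href="foo" />
+<a href=foo/>
+<a href=/>
+<a href=?foo=bar/>
+<a href="?foo=bar"/>
+--EXPECTF--
+<a href="?PHPSESSID=%s"/>
+<a href="?PHPSESSID=%s" />
+<a href="foo?PHPSESSID=%s"/>
+<a href="foo?PHPSESSID=%s" />
+<a href=foo/?PHPSESSID=%s>
+<a href=/?PHPSESSID=%s>
+<a href=?foo=bar/&PHPSESSID=%s>
+<a href="?foo=bar&PHPSESSID=%s"/>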
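Review bot: The cases exercise only double-quoted and unquoted `href` values, so the single-quote rule and the narrowed unquoted-value rule in `state_val` are not pinned by this test. Adding `<a href=''/>` and `<a href='foo' />` to --FILE--, with matching --EXPECTF-- lines, would cover the other quoted branch, and one unquoted value containing a quote character would record what the rewriter is now meant to emit for that input. `@session_start();` also hides any warning from session startup, so a failure there would surface only as a mismatch in the rewritten links; unless a warning is expected here, dropping the `@` would make that failure readable.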

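--- a/ext/standard/url_scanner_ex.c
+++ b/ext/standard/url_scanner_ex.c
@@ -764,147 +764,120 @@ static inline void xx_mainloop(url_adapt_state_ex_t *ctx, const char *newdata, s
 {
 YYCTYPE yych;
 static const unsigned char yybm[] = {
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 160, 160, 248, 248, 160, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-160, 248, 56, 248, 248, 248, 248, 200,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 0, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
-248, 248, 248, 248, 248, 248, 248, 248,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 192, 192, 224, 224, 192, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+192, 224, 64, 224, 224, 224, 224, 128,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 0, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
+224, 224, 224, 224, 224, 224, 224, 224,
 };
-if ((YYLIMIT - YYCURSOR) < 3) YYFILL(3);
+if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
 yych = *YYCURSOR;
 if (yych <= ' ') {
 if (yych <= '\f') {
 if (yych <= 0x08) goto yy63;
-if (yych <= '\n') goto yy64;
+if (yych <= '\n') goto yy65;
 goto yy63;
 } else {
-if (yych <= '\r') goto yy64;
+if (yych <= '\r') goto yy65;
 if (yych <= 0x1F) goto yy63;
-goto yy64;
+goto yy65;
 }
 } else {
 if (yych <= '&') {
 if (yych != '"') goto yy63;
 } else {
 if (yych <= '\'') goto yy62;
-if (yych == '>') goto yy64;
+if (yych == '>') goto yy65;
 goto yy63;
 }
 }
 yych = *(YYMARKER = ++YYCURSOR);
-goto yy77;
+if (yych != '>') goto yy74;
 yy61:
-#line 346 "ext/standard/url_scanner_ex.re"
-{ handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
+#line 347 "ext/standard/url_scanner_ex.re"
+{ passthru(STD_ARGS); goto state_next_arg_begin; }
 #line 827 "ext/standard/url_scanner_ex.c"
 yy62:
 yych = *(YYMARKER = ++YYCURSOR);
+if (yych == '>') goto yy61;
 goto yy69;
 yy63:
-yych = *++YYCURSOR;
+++YYCURSOR;
+yych = *YYCURSOR;
 goto yy67;
 yy64:
-++YYCURSOR;
-#line 347 "ext/standard/url_scanner_ex.re"
-{ passthru(STD_ARGS); goto state_next_arg_begin; }
-#line 838 "ext/standard/url_scanner_ex.c"
+#line 346 "ext/standard/url_scanner_ex.re"
+{ handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
+#line 839 "ext/standard/url_scanner_ex.c"
+yy65:
+yych = *++YYCURSOR;
+goto yy61;
 yy66:
 ++YYCURSOR;
 if (YYLIMIT <= YYCURSOR) YYFILL(1);
 yych = *YYCURSOR;
 yy67:
-if (yybm[0+yych] & 8) {
+if (yybm[0+yych] & 32) {
 goto yy66;
 }
-goto yy61;
+goto yy64;
 yy68:
-YYMARKER = ++YYCURSOR;
-if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
+++YYCURSOR;
+if (YYLIMIT <= YYCURSOR) YYFILL(1);
 yych = *YYCURSOR;
 yy69:
-if (yybm[0+yych] & 16) {
+if (yybm[0+yych] & 64) {
 goto yy68;
 }
-if (yych <= '&') goto yy72;
-if (yych >= '(') goto yy61;
-++YYCURSOR;
-if (yybm[0+(yych = *YYCURSOR)] & 8) {
-goto yy66;
-}
+if (yych <= '=') goto yy71;
+yy70:
+YYCURSOR = YYMARKER;
+goto yy61;
 yy71:
+++YYCURSOR;
 #line 345 "ext/standard/url_scanner_ex.re"
 { handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
-#line 865 "ext/standard/url_scanner_ex.c"
-yy72:
+#line 868 "ext/standard/url_scanner_ex.c"
+yy73:
 ++YYCURSOR;
 if (YYLIMIT <= YYCURSOR) YYFILL(1);
 yych = *YYCURSOR;
-if (yybm[0+yych] & 32) {
-goto yy72;
-}
-if (yych <= '=') goto yy75;
 yy74:
-YYCURSOR = YYMARKER;
-goto yy61;
-yy75:
-yych = *++YYCURSOR;
-goto yy71;
-yy76:
-YYMARKER = ++YYCURSOR;
-if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
-yych = *YYCURSOR;
-yy77:
-if (yybm[0+yych] & 64) {
-goto yy76;
+if (yybm[0+yych] & 128) {
+goto yy73;
 }
-if (yych <= '!') goto yy80;
-if (yych >= '#') goto yy61;
+if (yych >= '>') goto yy70;
 ++YYCURSOR;
-if (yybm[0+(yych = *YYCURSOR)] & 8) {
-goto yy66;
-}
-yy79:
 #line 344 "ext/standard/url_scanner_ex.re"
 { handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
-#line 897 "ext/standard/url_scanner_ex.c"
-yy80:
-++YYCURSOR;
-if (YYLIMIT <= YYCURSOR) YYFILL(1);
-yych = *YYCURSOR;
-if (yybm[0+yych] & 128) {
-goto yy80;
-}
-if (yych >= '>') goto yy74;
-++YYCURSOR;
-yych = *YYCURSOR;
-goto yy79;
+#line 881 "ext/standard/url_scanner_ex.c"
 }
 #line 348 "ext/standard/url_scanner_ex.re"
 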
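--- a/ext/standard/url_scanner_ex.re
+++ b/ext/standard/url_scanner_ex.re
@@ -317,7 +317,7 @@ state_next_arg_begin:
 state_next_arg:
 start = YYCURSOR;
 /*!re2c
-">" { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
+[/]? [>] { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
 [ \v\r\t\n]+ { passthru(STD_ARGS); goto state_next_arg; }
 alpha { --YYCURSOR; STATE = STATE_ARG; goto state_arg; }
 any { passthru(STD_ARGS); goto state_plain_begin; }
@@ -343,7 +343,7 @@ state_val:
 /*!re2c
 ["] (any\[">])* ["] { handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
 ['] (any\['>])* ['] { handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
-(any\[ \r\t\n>])+ { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
+(any\[ \r\t\n>'"])+ { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
 any { passthru(STD_ARGS); goto state_next_arg_begin; }
 */
 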
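Review bot: In the `state_val` hunk, removing `'` and `"` from the unquoted-value class also ends the match at a quote in the middle of an unquoted value (constructed example: `href=foo'bar`), so `handle_val` receives only `foo` and the remainder is passed through by `state_next_arg`; if `handle_val` appends the session parameter at the end of the matched text, as the new test's expectations suggest, the parameter would land inside the attribute as a browser reads it. The bug only needs quotes excluded at the first character, so `(any\[ \r\t\n>'"]) (any\[ \r\t\n>])* { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }` should keep the fix without that side effect. Either way, a comment above the `/*!re2c` block such as `/* quotes are excluded so that a quoted value followed by "/" is matched by the quoted rules rather than as one longer unquoted value (bug #50308) */` would record why this class differs from the two above it. Separately, the regenerated `url_scanner_ex.c` on this page changes only from line 764 on, which appears to be the `state_val` scanner, so it is worth confirming that the `[/]? [>]` rule from the first hunk was regenerated as well. The `state_next_arg` re2c block continues outside the first hunk.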