diff -Nru php-5.1.6.org/ext/standard/php_var.h php-5.1.6.mod/ext/standard/php_var.h --- php-5.1.6.org/ext/standard/php_var.h 2006-01-01 13:50:15.000000000 +0100 +++ php-5.1.6.mod/ext/standard/php_var.h 2010-12-07 03:34:24.806048918 +0100 @@ -68,4 +68,48 @@ PHPAPI zend_class_entry *php_create_empty_class(char *class_name, int len); +static inline int php_varname_check(char *name, int name_len, zend_bool silent TSRMLS_DC) /* {{{ */ +{ + if (name_len == sizeof("GLOBALS") && !memcmp(name, "GLOBALS", sizeof("GLOBALS"))) { + if (!silent) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted GLOBALS variable overwrite"); + } + return FAILURE; + } else if (name[0] == '_' && + ( + (name_len == sizeof("_GET") && !memcmp(name, "_GET", sizeof("_GET"))) || + (name_len == sizeof("_POST") && !memcmp(name, "_POST", sizeof("_POST"))) || + (name_len == sizeof("_COOKIE") && !memcmp(name, "_COOKIE", sizeof("_COOKIE"))) || + (name_len == sizeof("_ENV") && !memcmp(name, "_ENV", sizeof("_ENV"))) || + (name_len == sizeof("_SERVER") && !memcmp(name, "_SERVER", sizeof("_SERVER"))) || + (name_len == sizeof("_SESSION") && !memcmp(name, "_SESSION", sizeof("_SESSION"))) || + (name_len == sizeof("_FILES") && !memcmp(name, "_FILES", sizeof("_FILES"))) || + (name_len == sizeof("_REQUEST") && !memcmp(name, "_REQUEST", sizeof("_REQUEST"))) + ) + ) { + if (!silent) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted super-global (%s) variable overwrite", name); + } + return FAILURE; + } else if (name[0] == 'H' && + ( + (name_len == sizeof("HTTP_POST_VARS") && !memcmp(name, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"))) || + (name_len == sizeof("HTTP_GET_VARS") && !memcmp(name, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"))) || + (name_len == sizeof("HTTP_COOKIE_VARS") && !memcmp(name, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"))) || + (name_len == sizeof("HTTP_ENV_VARS") && !memcmp(name, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"))) || + (name_len == sizeof("HTTP_SERVER_VARS") && !memcmp(name, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"))) || + (name_len == sizeof("HTTP_SESSION_VARS") && !memcmp(name, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"))) || + (name_len == sizeof("HTTP_RAW_POST_DATA") && !memcmp(name, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA"))) || + (name_len == sizeof("HTTP_POST_FILES") && !memcmp(name, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"))) + ) + ) { + if (!silent) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted long input array (%s) overwrite", name); + } + return FAILURE; + } + return SUCCESS; +} +/* }}} */ + #endif /* PHP_VAR_H */ diff -Nru php-5.1.6.org/Zend/zend_operators.c php-5.1.6.mod/Zend/zend_operators.c --- php-5.1.6.org/Zend/zend_operators.c 2006-02-05 18:07:40.000000000 +0100 +++ php-5.1.6.mod/Zend/zend_operators.c 2010-12-07 03:32:29.590152000 +0100 @@ -60,6 +60,33 @@ return retval; } +ZEND_API long zend_atol(const char *str, int str_len) /* {{{ */ +{ + long retval; + + if (!str_len) { + str_len = strlen(str); + } + retval = strtol(str, NULL, 0); + if (str_len>0) { + switch (str[str_len-1]) { + case 'g': + case 'G': + retval *= 1024; + /* break intentionally missing */ + case 'm': + case 'M': + retval *= 1024; + /* break intentionally missing */ + case 'k': + case 'K': + retval *= 1024; + break; + } + } + return retval; +} + ZEND_API double zend_string_to_double(const char *number, zend_uint length) { diff -Nru php-5.1.6.org/Zend/zend_operators.h php-5.1.6.mod/Zend/zend_operators.h --- php-5.1.6.org/Zend/zend_operators.h 2006-01-05 00:53:04.000000000 +0100 +++ php-5.1.6.mod/Zend/zend_operators.h 2010-12-07 03:32:50.267180756 +0100 @@ -216,6 +216,7 @@ ZEND_API void zend_compare_objects(zval *result, zval *o1, zval *o2 TSRMLS_DC); ZEND_API int zend_atoi(const char *str, int str_len); +ZEND_API long zend_atol(const char *str, int str_len); ZEND_API void zend_locale_sprintf_double(zval *op ZEND_FILE_LINE_DC); END_EXTERN_C()