Fossil SCM
Clear all environment variables prior to invoking a CGI extension. (Works on posix - need to fix it for windows.)
Commit
ed63bdd71e747401ba5044eadabc7c067830e1f3badb37082da51fabc7b12aa3
Parent
7b2b9d6995fffbe…
2 files changed
+1
+11
+1
| --- src/extcgi.c | ||
| +++ src/extcgi.c | ||
| @@ -210,10 +210,11 @@ | ||
| 210 | 210 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 211 | 211 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 212 | 212 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 213 | 213 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 214 | 214 | cgi_replace_parameter("GATEWAY_INTERFACE","CGI/1.0"); |
| 215 | + fossil_clearenv(); | |
| 215 | 216 | for(i=0; i<sizeof(azCgiEnv)/sizeof(azCgiEnv[0]); i++){ |
| 216 | 217 | const char *zVal = P(azCgiEnv[i]); |
| 217 | 218 | if( zVal ) fossil_setenv(azCgiEnv[i], zVal); |
| 218 | 219 | } |
| 219 | 220 | fossil_setenv("HTTP_ACCEPT_ENCODING",""); |
| 220 | 221 |
| --- src/extcgi.c | |
| +++ src/extcgi.c | |
| @@ -210,10 +210,11 @@ | |
| 210 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 211 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 212 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 213 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 214 | cgi_replace_parameter("GATEWAY_INTERFACE","CGI/1.0"); |
| 215 | for(i=0; i<sizeof(azCgiEnv)/sizeof(azCgiEnv[0]); i++){ |
| 216 | const char *zVal = P(azCgiEnv[i]); |
| 217 | if( zVal ) fossil_setenv(azCgiEnv[i], zVal); |
| 218 | } |
| 219 | fossil_setenv("HTTP_ACCEPT_ENCODING",""); |
| 220 |
| --- src/extcgi.c | |
| +++ src/extcgi.c | |
| @@ -210,10 +210,11 @@ | |
| 210 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 211 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 212 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 213 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 214 | cgi_replace_parameter("GATEWAY_INTERFACE","CGI/1.0"); |
| 215 | fossil_clearenv(); |
| 216 | for(i=0; i<sizeof(azCgiEnv)/sizeof(azCgiEnv[0]); i++){ |
| 217 | const char *zVal = P(azCgiEnv[i]); |
| 218 | if( zVal ) fossil_setenv(azCgiEnv[i], zVal); |
| 219 | } |
| 220 | fossil_setenv("HTTP_ACCEPT_ENCODING",""); |
| 221 |
+11
| --- src/file.c | ||
| +++ src/file.c | ||
| @@ -1719,10 +1719,21 @@ | ||
| 1719 | 1719 | /* NOTE: Cannot free the string on POSIX. */ |
| 1720 | 1720 | /* fossil_free(zString); */ |
| 1721 | 1721 | #endif |
| 1722 | 1722 | return rc; |
| 1723 | 1723 | } |
| 1724 | + | |
| 1725 | +/* | |
| 1726 | +** Clear all environment variables | |
| 1727 | +*/ | |
| 1728 | +int fossil_clearenv(void){ | |
| 1729 | +#ifdef _WIN32 | |
| 1730 | + /* FIXME: Not yet supported */ | |
| 1731 | +#else | |
| 1732 | + return clearenv(); | |
| 1733 | +#endif | |
| 1734 | +} | |
| 1724 | 1735 | |
| 1725 | 1736 | /* |
| 1726 | 1737 | ** Like fopen() but always takes a UTF8 argument. |
| 1727 | 1738 | ** |
| 1728 | 1739 | ** This function assumes ExtFILE. In other words, symbolic links |
| 1729 | 1740 |
| --- src/file.c | |
| +++ src/file.c | |
| @@ -1719,10 +1719,21 @@ | |
| 1719 | /* NOTE: Cannot free the string on POSIX. */ |
| 1720 | /* fossil_free(zString); */ |
| 1721 | #endif |
| 1722 | return rc; |
| 1723 | } |
| 1724 | |
| 1725 | /* |
| 1726 | ** Like fopen() but always takes a UTF8 argument. |
| 1727 | ** |
| 1728 | ** This function assumes ExtFILE. In other words, symbolic links |
| 1729 |
| --- src/file.c | |
| +++ src/file.c | |
| @@ -1719,10 +1719,21 @@ | |
| 1719 | /* NOTE: Cannot free the string on POSIX. */ |
| 1720 | /* fossil_free(zString); */ |
| 1721 | #endif |
| 1722 | return rc; |
| 1723 | } |
| 1724 | |
| 1725 | /* |
| 1726 | ** Clear all environment variables |
| 1727 | */ |
| 1728 | int fossil_clearenv(void){ |
| 1729 | #ifdef _WIN32 |
| 1730 | /* FIXME: Not yet supported */ |
| 1731 | #else |
| 1732 | return clearenv(); |
| 1733 | #endif |
| 1734 | } |
| 1735 | |
| 1736 | /* |
| 1737 | ** Like fopen() but always takes a UTF8 argument. |
| 1738 | ** |
| 1739 | ** This function assumes ExtFILE. In other words, symbolic links |
| 1740 |