1 diff -ru cgiwrap-4.1/cgiwrap.c cgiwrap-4.1-bs/cgiwrap.c
2 --- cgiwrap-4.1/cgiwrap.c 2008-06-16 16:34:37.000000000 +0200
3 +++ cgiwrap-4.1-bs/cgiwrap.c 2010-04-21 15:56:07.517357390 +0200
5 StringEndsWith(scriptPath, ".php") ||
6 StringEndsWith(scriptPath, ".php3") ||
7 StringEndsWith(scriptPath, ".php4") ||
8 - StringEndsWith(scriptPath, ".phtml") )
9 + StringEndsWith(scriptPath, ".php5") ||
10 + StringEndsWith(scriptPath, ".php6") ||
11 + StringEndsWith(scriptPath, ".php7") ||
12 + StringEndsWith(scriptPath, ".phtml") ||
13 + !FileMagicSaysItsPHP(scriptPath))
15 Context.interpreted_script = 1;
16 interPath = PATH_PROG_PHP;
17 diff -ru cgiwrap-4.1/util.c cgiwrap-4.1-bs/util.c
18 --- cgiwrap-4.1/util.c 2008-06-16 16:34:37.000000000 +0200
19 +++ cgiwrap-4.1-bs/util.c 2010-04-21 16:00:40.223979033 +0200
21 ** Purpose: Various utility routines used by cgiwrap
25 #include "cgiwrap.h" /* Headers for all CGIwrap source files */
29 int len = strlen(string);
30 int elen = strlen(ending);
32 - if ( len >= elen && !strncmp(string + len - elen, ending, elen) )
33 + if ( len >= elen && !strncasecmp(string + len - elen, ending, elen) )
41 +* Check Mime Magic to determine if file is really a php script, Bartosz Swiatek 04.06.2009
44 +int FileMagicSaysItsPHP(char *file)
46 + magic_t magic_filed;
47 + magic_filed = magic_open(MAGIC_ERROR);
48 + magic_load(magic_filed , NULL);
49 + if(magic_filed == NULL)
51 + const char *ftype = magic_file(magic_filed , file);
52 + const char *stype = "PHP script text";
53 + int len = strlen(stype);
54 + int cmp = strncmp(ftype,stype,len);
55 + DEBUG_Str(" FileMagicSaysItsPHP ftype=", ftype );
56 + DEBUG_Str(" FileMagicSaysItsPHP stype=", stype );
57 + DEBUG_Int(" FileMagicSaysItsPHP strncmp=", cmp);
58 + magic_close(magic_filed);
63 * Check if a path is safe to use
64 * Return true if 'path' contains any whitespace or non-printables
65 * Return true if 'path' contains '../'