add test

Author: devnexen

sapi/cli/php_cli_server.c

@@ -1678,19 +1678,20 @@ static int php_cli_server_client_read_request_on_fragment(php_http_parser *parse
 
 static void php_cli_server_client_save_header(php_cli_server_client *client)
 {
-	zval *entry;
 	/* Wrap header value in a zval to add is to the HashTable which acts as an array */
 	zval tmp;
 	/* strip off the colon */
 	zend_string *lc_header_name = zend_string_tolower_ex(client->current_header_name, /* persistent */ true);
 	GC_MAKE_PERSISTENT_LOCAL(lc_header_name);
 
+	zval *entry = zend_hash_find(&client->request.headers, lc_header_name);
+	bool is_forwarded_header = strstr(ZSTR_VAL(lc_header_name), "forwarded");
+
 	/**
 	 * **Forwarded** HTTP family headers can have 1 or more values separated by a comma while still
 	 * possibly be set separately by the client.
 	 **/
-	if (!strstr(ZSTR_VAL(lc_header_name), "forwarded") ||
-             (entry = zend_hash_find(&client->request.headers, lc_header_name)) == NULL) {
+	if ((entry == NULL && is_forwarded_header) || !is_forwarded_header) {
 		ZVAL_STR(&tmp, client->current_header_value);
 
 		/* Add the wrapped zend_string to the HashTable */

sapi/cli/tests/gh16137.phpt

@@ -0,0 +1,20 @@
+--TEST--
+Bug GH-16137 duplicate *Forwarded* HTTP headers values.
+--INI--
+allow_url_fopen=1
+--SKIPIF--
+<?php
+include "skipif.inc";
+?>
+--FILE--
+<?php
+include "php_cli_server.inc";
+php_cli_server_start("echo \$_SERVER['HTTP_X_FORWARDED_FOR'];");
+$ctx = stream_context_create(array('http' => array (
+    'method' => 'POST',
+    'header' => array('x-forwarded-for: 127.0.0.1', 'x-forwarded-for: 192.168.1.254')
+)));
+var_dump(file_get_contents("http://" . PHP_CLI_SERVER_ADDRESS, true, $ctx));
+?>
+--EXPECT--
+string(23) "127.0.0.1,192.168.1.254"