[PHP-CVS] cvs: php-src(PHP_5_3) /ext/zip php_zip.c

[Pierre-Alain Joye]

pajoye          Fri Aug  8 15:56:44 2008 UTC

  Modified files:              (Branch: PHP_5_3)
    /php-src/ext/zip    php_zip.c 
  Log:
  - MFH: missing openbasedir check
  
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.38.2.16&r2=1.1.2.38.2.17&diff_format=u
Index: php-src/ext/zip/php_zip.c
diff -u php-src/ext/zip/php_zip.c:1.1.2.38.2.16 
php-src/ext/zip/php_zip.c:1.1.2.38.2.17
--- php-src/ext/zip/php_zip.c:1.1.2.38.2.16     Fri Aug  8 15:52:53 2008
+++ php-src/ext/zip/php_zip.c   Fri Aug  8 15:56:44 2008
@@ -16,7 +16,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: php_zip.c,v 1.1.2.38.2.16 2008/08/08 15:52:53 pajoye Exp $ */
+/* $Id: php_zip.c,v 1.1.2.38.2.17 2008/08/08 15:56:44 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -1383,6 +1383,10 @@
                RETURN_FALSE;
        }
 
+       if (OPENBASEDIR_CHECKPATH(filename)) {
+               RETURN_FALSE;
+       }
+
        if (!expand_filepath(filename, resolved_path TSRMLS_CC)) {
                RETURN_FALSE;
        }
@@ -2615,7 +2619,7 @@
        php_info_print_table_start();
 
        php_info_print_table_row(2, "Zip", "enabled");
-       php_info_print_table_row(2, "Extension Version","$Id: php_zip.c,v 
1.1.2.38.2.16 2008/08/08 15:52:53 pajoye Exp $");
+       php_info_print_table_row(2, "Extension Version","$Id: php_zip.c,v 
1.1.2.38.2.17 2008/08/08 15:56:44 pajoye Exp $");
        php_info_print_table_row(2, "Zip version", PHP_ZIP_VERSION_STRING);
        php_info_print_table_row(2, "Libzip version", "0.7.1");
 



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php