ID: 10322 Comment by: nude-hairy550 at hotmail dot com Reported By: php-bugrep at pgregg dot com Status: Bogus Bug Type: PHP options/info functions Operating System: All PHP Version: 4.0.4pl1 New Comment:
<a href=http://a-nakedamateur-soft.da.ru>hairy nude</a> Previous Comments: ------------------------------------------------------------------------ [2001-04-16 11:12:03] [EMAIL PROTECTED] This is almost an exact copy of a patch I had submitted in October of 2000.(before I became a contributor). http://marc.theaimsgroup.com/?l=php-dev&m=97145490702792&w=2 This idea (and many others) was on hold to a cleaner redesign of safe_mode. There is NO logical error, basedir is used, check the patch that YOU *supposedly* submited, it uses basedir. Please don't try and claim other peoples code as your own. Marked as Bogus -Jason ------------------------------------------------------------------------ [2001-04-14 08:20:55] php-bugrep at pgregg dot com Thanks for the response, however, can you confirm that there is a logical coding error here? The DOCUMENT_ROOT patch is secondary and would be nice - but is the bug going to be fixed in 4.0.5 ? Regards, Paul. ------------------------------------------------------------------------ [2001-04-14 05:34:04] [EMAIL PROTECTED] This will not make it into 4.0.5 as this was branched a while back but it might well make it into 4.0.6. Ill get a developer to look at this patch. - James ------------------------------------------------------------------------ [2001-04-13 20:57:35] php-bugrep at pgregg dot com I thought, while I'm here, I'd submit a patch to fix this. The patch also includes support for an additional special case in php.ini's open_basedir. The current "." allows scripts to access files in the same directory as the script. "DOCUMENT_ROOT" allows a script to access any other file in the virtualhost's directory tree. DOCUMENT_ROOT is calculated by PATH_TRANSLATED and removing SCRIPT_URI from the end - This conveniently works for both full Apache Virtalhosts and mod_aliased Mass virtual hosting (I don't know if this is true for the newer mod_vhost - just check what PATH_TRANSLATED and SCRIPT_URI is set to in phpinfo() - if removing the latter from the former is the sites docroot then you are away). Anyway, the patch: code shamelessly copied from the "." segment :) *** main/fopen-wrappers.c.orig Fri Apr 13 17:50:02 2001 --- main/fopen-wrappers.c Sat Apr 14 01:46:28 2001 *************** *** 141,151 **** char resolved_name[MAXPATHLEN]; char resolved_basedir[MAXPATHLEN]; char local_open_basedir[MAXPATHLEN]; int local_open_basedir_pos; SLS_FETCH(); /* Special case basedir==".": Use script-directory */ ! if ((strcmp(PG(open_basedir), ".") == 0) && SG(request_info).path_translated && *SG(request_info).path_translated ) { --- 141,167 ---- char resolved_name[MAXPATHLEN]; char resolved_basedir[MAXPATHLEN]; char local_open_basedir[MAXPATHLEN]; + char *local_open_request_uri; int local_open_basedir_pos; SLS_FETCH(); + /* Special case basedir="DOCUMENT_ROOT": Restrict to directory of the + * virtualhost itself as calculated by PATH_TRANSLATED - SCRIPT_URI + * [EMAIL PROTECTED] + */ + if ((strcmp(basedir, "DOCUMENT_ROOT") == 0) && + SG(request_info).path_translated && + *SG(request_info).path_translated ) { + /* Copy path_translated to local_open_basedir, the look in + this string for where request_uri starts and zero that byte + thus leaving local_open_basedir set to the virtualhost's + DOCUMENT_ROOT */ + strlcpy(local_open_basedir, SG(request_info).path_translated, si zeof(local_open_basedir)); + local_open_request_uri=strstr(local_open_basedir,SG(request_info ).request_uri); + if (local_open_request_uri) *local_open_request_uri = '\0'; + } else /* Special case basedir==".": Use script-directory */ ! if ((strcmp(basedir, ".") == 0) && SG(request_info).path_translated && *SG(request_info).path_translated ) { (I realise cut-n-paste into this window will convert all the nice TABS to spaces, so a patch < this file isn't going to be as clean). I'd really appreciate this being included in the next patchlevel / release as I'd guess that anyone already using "." will want this. Paul. ------------------------------------------------------------------------ [2001-04-13 18:52:07] php-bugrep at pgregg dot com In main/fopen_wrappers.c I see that there is a function: PHPAPI int php_check_specific_open_basedir(char *basedir, char *path PLS_DC) However "basedir" is never used in this function at all, only PG(open_basedir). Surely this negates the point of the function being called individually for each tokenised entry on open_basedir/php.ini? I think it will only match, ever, on the first entry in the config file. So, should all references to PG(open_basedir) in php_check_specific_open_basedir() be replaced with the arg basedir ? Thanks, Paul Gregg (Hacking in support for DOCUMENT_ROOT as another "specical case") ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=10322&edit=1
