[PHP-CVS] cvs: php4 /main streams.c

Ilia Alshanetsky Sun, 27 Oct 2002 16:30:03 -0800

iliaa           Sun Oct 27 19:28:11 2002 EDT

  Modified files:              
    /php4/main  streams.c 
  Log:
  Fixed bug #20110.
  
  
Index: php4/main/streams.c
diff -u php4/main/streams.c:1.119 php4/main/streams.c:1.120
--- php4/main/streams.c:1.119   Sun Oct 27 18:34:48 2002
+++ php4/main/streams.c Sun Oct 27 19:28:11 2002
@@ -20,7 +20,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: streams.c,v 1.119 2002/10/27 23:34:48 shane Exp $ */
+/* $Id: streams.c,v 1.120 2002/10/28 00:28:11 iliaa Exp $ */
 
 #define _GNU_SOURCE
 #include "php.h"
@@ -1644,13 +1644,20 @@
 {
        FILE *fp;
        char *realpath = NULL;
+       struct stat st;
+       php_stream *ret;
 
        realpath = expand_filepath(filename, NULL TSRMLS_CC);
 
        fp = fopen(realpath, mode);
 
        if (fp) {
-               php_stream *ret = php_stream_fopen_from_file_rel(fp, mode);
+               /* this is done to prevent opening of anything other then regular 
+files */
+               if (fstat(fileno(fp), &st) == -1 || !S_ISREG(st.st_mode)) {
+                       goto err;
+               }
+       
+               ret = php_stream_fopen_from_file_rel(fp, mode);
 
                if (ret)        {
                        if (opened_path)        {
@@ -1662,7 +1669,7 @@
 
                        return ret;
                }
-
+               err:
                fclose(fp);
        }
        efree(realpath);




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php4 /main streams.c

Reply via email to