iliaa Thu Nov 6 20:17:32 2003 EDT Modified files: /php-src/ext/ming ming.c Log: Added mandatory safe_mode & open_basedir checks.
Index: php-src/ext/ming/ming.c
diff -u php-src/ext/ming/ming.c:1.57 php-src/ext/ming/ming.c:1.58
--- php-src/ext/ming/ming.c:1.57 Thu Nov 6 11:50:39 2003
+++ php-src/ext/ming/ming.c Thu Nov 6 20:17:31 2003
@@ -17,7 +17,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: ming.c,v 1.57 2003/11/06 16:50:39 fmk Exp $ */
+/* $Id: ming.c,v 1.58 2003/11/07 01:17:31 iliaa Exp $ */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -70,6 +70,11 @@
 static SWFSound getSound(zval *id TSRMLS_DC);
 static SWFSoundInstance getSoundInstance(zval *id TSRMLS_DC);
+#define PHP_MING_FILE_CHK(file) \
+ if ((PG(safe_mode) && !php_checkuid((file), NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir((file) TSRMLS_CC)) { \
+ RETURN_FALSE; \
+ } \
+
 /* {{{ proto void ming_setcubicthreshold (int threshold) Set cubic threshold (?) */
 PHP_FUNCTION(ming_setCubicThreshold)
@@ -340,6 +345,7 @@
 if (Z_TYPE_PP(zfile) != IS_RESOURCE) {
 convert_to_string_ex(zfile);
+ PHP_MING_FILE_CHK(Z_STRVAL_PP(zfile));
 input = newSWFInput_buffer(Z_STRVAL_PP(zfile), Z_STRLEN_PP(zfile));
 zend_list_addref(zend_list_insert(input, le_swfinputp));
 } else {
@@ -1411,6 +1417,7 @@
 font = loadSWFFontFromFile(file);
 php_stream_close(stream);
 } else {
+ PHP_MING_FILE_CHK(Z_STRVAL_PP(zfile));
 font = (SWFFont)newSWFBrowserFont(Z_STRVAL_PP(zfile));
 }
@@ -1743,6 +1750,7 @@
 if(Z_TYPE_PP(zfile) != IS_RESOURCE) {
 convert_to_string_ex(zfile);
+ PHP_MING_FILE_CHK(Z_STRVAL_PP(zfile));
 input = newSWFInput_buffer(Z_STRVAL_PP(zfile), Z_STRLEN_PP(zfile));
 zend_list_addref(zend_list_insert(input, le_swfinputp));
 }
@@ -2357,6 +2365,7 @@
 convert_to_string_ex(libswf);
 convert_to_string_ex(name);
 movie = getMovie(getThis() TSRMLS_CC);
+ PHP_MING_FILE_CHK(Z_STRVAL_PP(libswf));
 res = SWFMovie_importFont(movie, Z_STRVAL_PP(libswf), Z_STRVAL_PP(name));
 if(res != NULL)
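Review bot: In the `@@ -70,6 +70,11 @@` hunk, `PHP_MING_FILE_CHK` expands to a bare `if` block whose last line `} \` still ends in a continuation, so the macro terminates only because the added line after it is empty, and a call site followed by `else` would bind to the macro's `if`. I would wrap the body as `do { if (...) { RETURN_FALSE; } } while (0)` and drop the final backslash. Because the macro returns from the calling function, it also deserves a comment such as `/* Returns FALSE from the caller when safe_mode or open_basedir rejects 'file'; call it before allocating anything that needs cleanup. */`.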
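Review bot: In the `@@ -340,6 +345,7 @@` hunk, the string passed to `PHP_MING_FILE_CHK` is the same one handed to `newSWFInput_buffer()` together with `Z_STRLEN_PP(zfile)`, which reads as in-memory data rather than a file name. If that is right, the safe_mode/open_basedir check is being run on file contents: it guards no file access on this path and will probably make the call return FALSE for valid data whenever open_basedir is configured. Please confirm what this branch receives; if it is a buffer, the check belongs at the point where the data was read from disk, not here. The same applies to the identical lines in the `@@ -1743,6 +1750,7 @@` hunk; both enclosing functions begin and end outside the hunks.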
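Review bot: In the `@@ -1411,6 +1417,7 @@` hunk, the checked value goes to `newSWFBrowserFont()`, which by its name appears to take a font name rather than a path opened on the server; that needs confirming against the library. If it is a name, the check rejects ordinary font names under open_basedir without guarding any file access, while the other branch (which closes a `php_stream`) looks like the one that actually reads a file. If a path check really is required here, a comment such as `/* newSWFBrowserFont() opens this path on the server, so it must pass safe_mode/open_basedir */` would record why. The enclosing function starts outside the hunk.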
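Review bot: In the `@@ -2357,6 +2365,7 @@` hunk, the check validates the `libswf` path by name and `SWFMovie_importFont()` is then given the same string, so presumably the library resolves and opens the path a second time on its own. The file that passed the check and the file that gets opened are therefore not guaranteed to be the same object, and that gap cannot be closed from this call site unless the library accepts an already-opened handle. I would record the limitation above the call, e.g. `/* path is validated by name only; the library reopens it itself */`. The function body starts and ends outside the hunk.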