iliaa Tue Jan 20 21:28:51 2004 EDT
Modified files:
/php-src/main/streams plain_wrapper.c
Log:
Fixed bug #26974 (rename() doesn't check the destination file
against safe_mode/open_basedir).
http://cvs.php.net/diff.php/php-src/main/streams/plain_wrapper.c?r1=1.33&r2=1.34&ty=u
Index: php-src/main/streams/plain_wrapper.c
diff -u php-src/main/streams/plain_wrapper.c:1.33
php-src/main/streams/plain_wrapper.c:1.34
--- php-src/main/streams/plain_wrapper.c:1.33 Thu Jan 8 03:17:59 2004
+++ php-src/main/streams/plain_wrapper.c Tue Jan 20 21:28:50 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: plain_wrapper.c,v 1.33 2004/01/08 08:17:59 andi Exp $ */
+/* $Id: plain_wrapper.c,v 1.34 2004/01/21 02:28:50 iliaa Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -973,11 +973,12 @@
url_to = p + 3;
}
- if (PG(safe_mode) &&(!php_checkuid(url_from, NULL,
CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (PG(safe_mode) && (!php_checkuid(url_from, NULL,
CHECKUID_CHECK_FILE_AND_DIR) ||
+ !php_checkuid(url_to, NULL,
CHECKUID_CHECK_FILE_AND_DIR))) {
return 0;
}
- if (php_check_open_basedir(url_from TSRMLS_CC)) {
+ if (php_check_open_basedir(url_from TSRMLS_CC) ||
php_check_open_basedir(url_to TSRMLS_CC)) {
return 0;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
