iliaa Sun May 16 10:38:19 2004 EDT Modified files: /php-src/ext/fdf fdf.c Log: Added missing safe_mode & open_basedir checks. http://cvs.php.net/diff.php/php-src/ext/fdf/fdf.c?r1=1.85&r2=1.86&ty=u Index: php-src/ext/fdf/fdf.c diff -u php-src/ext/fdf/fdf.c:1.85 php-src/ext/fdf/fdf.c:1.86 --- php-src/ext/fdf/fdf.c:1.85 Thu Jan 8 03:15:25 2004 +++ php-src/ext/fdf/fdf.c Sun May 16 10:38:19 2004 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: fdf.c,v 1.85 2004/01/08 08:15:25 andi Exp $ */ +/* $Id: fdf.c,v 1.86 2004/05/16 14:38:19 iliaa Exp $ */ /* FdfTk lib 2.0 is a Complete C/C++ FDF Toolkit available from http://beta1.adobe.com/ada/acrosdk/forms.html. */ @@ -725,6 +725,10 @@ return; } + if (php_check_open_basedir(filename TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(filename, "wb+", CHECKUID_CHECK_MODE_PARAM))) { + RETURN_FALSE; + } + ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf); err = FDFSetFile(fdf, filename); @@ -1485,6 +1489,10 @@ ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf); + if (php_check_open_basedir(savepath TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(savepath, "wb+", CHECKUID_CHECK_MODE_PARAM))) { + RETURN_FALSE; + } + strncpy(pathbuf , savepath, MAXPATHLEN-1); pathbuf[MAXPATHLEN-1] = '\0';
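Review bot: The `"wb+"` mode passed to `php_checkuid()` in the guard added ahead of `FDFSetFile(fdf, filename)` is unexplained, and nothing visible in this hunk shows `filename` being opened for writing. A one-line comment above the guard, such as `/* enforce open_basedir / safe_mode on the path before it is handed to FdfTk */`, plus a word on why write mode is the right check, would let a later reader confirm it is intentional. The guard also sits before `ZEND_FETCH_RESOURCE` here but after it in the `savepath` hunk further down; one order in both places would make the two checks easier to audit together. The enclosing function starts and ends outside the hunk.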
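Review bot: The new guard validates `savepath`, but the next lines copy it into `pathbuf` with `strncpy(pathbuf, savepath, MAXPATHLEN-1)`, which truncates silently, so the path that was checked and the path presumably used for the write can differ. If the rest of the function (outside this hunk) appends anything to `pathbuf`, the check should run on the final path, placed after the path is complete: `if (php_check_open_basedir(pathbuf TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(pathbuf, "wb+", CHECKUID_CHECK_MODE_PARAM))) { RETURN_FALSE; }`. Alternatively, reject a `savepath` of `MAXPATHLEN` bytes or more before the copy, so a truncated name is never used.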