iliaa Sun May 16 10:38:27 2004 EDT
Modified files: (Branch: PHP_4_3)
/php-src/ext/fdf fdf.c
Log:
MFH: Added missing safe_mode & open_basedir checks.
http://cvs.php.net/diff.php/php-src/ext/fdf/fdf.c?r1=1.66.2.11&r2=1.66.2.12&ty=u
Index: php-src/ext/fdf/fdf.c
diff -u php-src/ext/fdf/fdf.c:1.66.2.11 php-src/ext/fdf/fdf.c:1.66.2.12
--- php-src/ext/fdf/fdf.c:1.66.2.11 Wed Sep 10 21:45:02 2003
+++ php-src/ext/fdf/fdf.c Sun May 16 10:38:26 2004
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: fdf.c,v 1.66.2.11 2003/09/11 01:45:02 hholzgra Exp $ */
+/* $Id: fdf.c,v 1.66.2.12 2004/05/16 14:38:26 iliaa Exp $ */
/* FdfTk lib 2.0 is a Complete C/C++ FDF Toolkit available from
http://beta1.adobe.com/ada/acrosdk/forms.html. */
@@ -721,6 +721,10 @@
return;
}
+ if (php_check_open_basedir(filename TSRMLS_CC) || (PG(safe_mode) &&
!php_checkuid(filename, "wb+", CHECKUID_CHECK_MODE_PARAM))) {
+ RETURN_FALSE;
+ }
+
ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf);
err = FDFSetFile(fdf, filename);
@@ -1481,6 +1485,10 @@
ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf);
+ if (php_check_open_basedir(savepath TSRMLS_CC) || (PG(safe_mode) &&
!php_checkuid(savepath, "wb+", CHECKUID_CHECK_MODE_PARAM))) {
+ RETURN_FALSE;
+ }
+
strncpy(pathbuf , savepath, MAXPATHLEN-1);
pathbuf[MAXPATHLEN-1] = '\0';
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
