iliaa Wed Jun 23 20:48:57 2004 EDT
Modified files: (Branch: PHP_4_3)
/php-src/ext/standard ftok.c
Log:
MFH: Added missing safe_mode & open_basedir checks.
http://cvs.php.net/diff.php/php-src/ext/standard/ftok.c?r1=1.9.2.1&r2=1.9.2.2&ty=u
Index: php-src/ext/standard/ftok.c
diff -u php-src/ext/standard/ftok.c:1.9.2.1 php-src/ext/standard/ftok.c:1.9.2.2
--- php-src/ext/standard/ftok.c:1.9.2.1 Tue Dec 31 11:35:28 2002
+++ php-src/ext/standard/ftok.c Wed Jun 23 20:48:56 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: ftok.c,v 1.9.2.1 2002/12/31 16:35:28 sebastian Exp $ */
+/* $Id: ftok.c,v 1.9.2.2 2004/06/24 00:48:56 iliaa Exp $ */
#include "php.h"
@@ -51,6 +51,10 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Second argument invalid");
RETURN_LONG(-1);
}
+
+ if ((PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(pathname), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(Z_STRVAL_PP(pathname)
TSRMLS_CC)) {
+ RETURN_LONG(-1);
+ }
k = ftok(Z_STRVAL_PP(pathname),Z_STRVAL_PP(proj)[0]);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
