iliaa           Mon Nov  1 19:38:07 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src/ext/standard       link.c 
  Log:
  MFH: Fixed open_basedir & safe_mode bypass inside readlink() function.
  
  
http://cvs.php.net/diff.php/php-src/ext/standard/link.c?r1=1.42.2.4&r2=1.42.2.5&ty=u
Index: php-src/ext/standard/link.c
diff -u php-src/ext/standard/link.c:1.42.2.4 php-src/ext/standard/link.c:1.42.2.5
--- php-src/ext/standard/link.c:1.42.2.4        Tue Dec 31 11:35:31 2002
+++ php-src/ext/standard/link.c Mon Nov  1 19:38:07 2004
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: link.c,v 1.42.2.4 2002/12/31 16:35:31 sebastian Exp $ */
+/* $Id: link.c,v 1.42.2.5 2004/11/02 00:38:07 iliaa Exp $ */
 
 #include "php.h"
 #include "php_filestat.h"
@@ -65,6 +65,14 @@
        }
        convert_to_string_ex(filename);
 
+       if (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(filename), NULL, 
CHECKUID_CHECK_FILE_AND_DIR)) {
+               RETURN_FALSE;
+       }
+
+       if (php_check_open_basedir(Z_STRVAL_PP(filename) TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
+
        ret = readlink(Z_STRVAL_PP(filename), buff, MAXPATHLEN-1);
 
        if (ret == -1) {
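Review bot: The two added guards validate `Z_STRVAL_PP(filename)` by name, and `readlink()` then resolves the same name a second time, so the restriction only holds if the path is not swapped between the check and the call. This check-then-use limitation is common to path-based safe_mode/open_basedir enforcement and cannot be closed here, but a short comment above the guards would make the intent explicit, e.g. `/* enforce safe_mode / open_basedir on the link path before disclosing its target */`. Within the hunk only the caller's path is checked; the target string that ends up in `buff` is returned unchecked, which is presumably intended but is worth stating in that comment. Any other functions in link.c that take a user-supplied path are not visible in this diff and should be audited for the same missing guards. The enclosing function begins and ends outside the hunk.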
