iliaa Thu Dec 23 13:04:10 2004 EDT Modified files: (Branch: PHP_4_3) /php-src NEWS /php-src/ext/swf swf.c Log: Fixed bug #31270 (missing safe_mode/open_basedir check in swf_openfile()). http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.787&r2=1.1247.2.788&ty=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.787 php-src/NEWS:1.1247.2.788 --- php-src/NEWS:1.1247.2.787 Thu Dec 23 11:29:00 2004 +++ php-src/NEWS Thu Dec 23 13:04:09 2004 @@ -2,6 +2,7 @@ ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? ????, Version 4.3.11 - Added Oracle Instant Client support. (cjbj at hotmail dot com, Tony) +- Fixed bug #31270 (missing safe_mode/open_basedir check in swf_openfile()). (Ilia) - Fixed bug #31174 (compile warning in url.c). (Ilia, lukem at NetBSD dot org) - Fixed bug #31159 (COM object access is not working). (Wez) - Fixed bug #31142 (imap_mail_compose() fails to generate correct output). (Ilia) http://cvs.php.net/diff.php/php-src/ext/swf/swf.c?r1=1.46.2.2&r2=1.46.2.3&ty=u Index: php-src/ext/swf/swf.c diff -u php-src/ext/swf/swf.c:1.46.2.2 php-src/ext/swf/swf.c:1.46.2.3 --- php-src/ext/swf/swf.c:1.46.2.2 Fri Sep 12 00:53:39 2003 +++ php-src/ext/swf/swf.c Thu Dec 23 13:04:10 2004 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: swf.c,v 1.46.2.2 2003/09/12 04:53:39 iliaa Exp $ */ +/* $Id: swf.c,v 1.46.2.3 2004/12/23 18:04:10 iliaa Exp $ */ #ifdef HAVE_CONFIG_H @@ -239,12 +239,17 @@ } na = tmpna; #endif + if (php_check_open_basedir(na TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(na, "wb+", CHECKUID_CHECK_MODE_PARAM))) { + goto err; + } + if (!SWFG(use_file)) SWFG(tmpfile_name) = na; swf_openfile(na,(float)Z_DVAL_PP(sizeX), (float)Z_DVAL_PP(sizeY), (float)Z_DVAL_PP(frameRate), (float)Z_DVAL_PP(r), (float)Z_DVAL_PP(g), (float)Z_DVAL_PP(b)); +err: #ifdef VIRTUAL_DIR free(na); #endif
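Review bot: The new `goto err` branch in the last swf.c hunk skips `swf_openfile()` but sets no return value before falling into the cleanup, so unless code after the hunk does so, a script refused by open_basedir or safe_mode appears to get the same result as a successful call and can go on issuing swf_* calls with no file open. Putting `RETVAL_FALSE;` before `goto err;` would let callers detect the refusal. The refused branch also leaves `SWFG(tmpfile_name)` at whatever an earlier call stored, which deserves an explicit reset or at least a comment such as `/* access denied: no file opened, tmpfile_name left untouched */`. Separately, the context lines show `SWFG(tmpfile_name) = na;` followed by `free(na)` under `VIRTUAL_DIR`, which looks like it leaves a freed pointer in the module global when `use_file` is off. That predates this commit and the function body extends beyond the hunk on both sides, so it should be confirmed against the full file.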