streams plain_wrapper.c

Ilia Alshanetsky Mon, 20 Jun 2005 08:59:35 -0700

iliaa           Mon Jun 20 11:59:19 2005 EDT

  Modified files:              
    /php-src/main/streams       plain_wrapper.c 
    /php-src    NEWS 
  Log:
  Fixed bug #31054 (safe_mode & open_basedir checks only check first 
  include_path value).
  
  
http://cvs.php.net/diff.php/php-src/main/streams/plain_wrapper.c?r1=1.46&r2=1.47&ty=u
Index: php-src/main/streams/plain_wrapper.c
diff -u php-src/main/streams/plain_wrapper.c:1.46 
php-src/main/streams/plain_wrapper.c:1.47
--- php-src/main/streams/plain_wrapper.c:1.46   Tue May 24 06:13:52 2005
+++ php-src/main/streams/plain_wrapper.c        Mon Jun 20 11:59:12 2005
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: plain_wrapper.c,v 1.46 2005/05/24 10:13:52 tony2001 Exp $ */
+/* $Id: plain_wrapper.c,v 1.47 2005/06/20 15:59:12 iliaa Exp $ */
 
 #include "php.h"
 #include "php_globals.h"
@@ -1297,24 +1297,24 @@
                        end++;
                }
                snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
-               
-               if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && 
php_check_open_basedir(trypath TSRMLS_CC)) {
-                       stream = NULL;
-                       goto stream_done;
+
+               if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && 
php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) {
+                       ptr = end;
+                       continue;
                }
                
                if (PG(safe_mode)) {
                        if (VCWD_STAT(trypath, &sb) == 0) {
                                /* file exists ... check permission */
                                if ((php_check_safe_mode_include_dir(trypath 
TSRMLS_CC) == 0) ||
-                                               php_checkuid(trypath, mode, 
CHECKUID_CHECK_MODE_PARAM)) {
+                                               php_checkuid_ex(trypath, mode, 
CHECKUID_CHECK_MODE_PARAM, CHECKUID_NO_ERRORS)) {
                                        /* UID ok, or trypath is in 
safe_mode_include_dir */
                                        stream = php_stream_fopen_rel(trypath, 
mode, opened_path, options);
-                               } else {
-                                       stream = NULL;
+                                       goto stream_done;
                                }
-                               goto stream_done;
                        }
+                       ptr = end;
+                       continue;
                }
                stream = php_stream_fopen_rel(trypath, mode, opened_path, 
options);
                if (stream) {
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1940&r2=1.1941&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1940 php-src/NEWS:1.1941
--- php-src/NEWS:1.1940 Mon Jun 20 08:46:32 2005
+++ php-src/NEWS        Mon Jun 20 11:59:13 2005
@@ -34,6 +34,8 @@
   PHP). (Marcus)
 - Fixed bug #31256 (PHP_EVAL_LIBLINE configure macro does not handle -pthread).
   (Jani)
+- Fixed bug #31054 (safe_mode & open_basedir checks only check first 
+  include_path value). (Ilia)
 - Fixed bug #29683 (headers_list() returns empty array). (Tony)
 - Fixed bug #28355 (glob wont error if dir is not readable). (Hartmut)
 - Fixed bugs #20382, #28024, #30532, #32086, #32270, #32555, #32588, #33056


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src / NEWS /main/streams plain_wrapper.c

Reply via email to