iliaa           Thu Oct  6 16:44:58 2005 EDT

  Modified files:              (Branch: PHP_4_4)
    /php-src/ext/gd     gd_ctx.c gd.c 
    /php-src/ext/curl   curl.c 
    /php-src    NEWS 
  Log:
  MFH: Added missing safe_mode checks.
  
  
http://cvs.php.net/diff.php/php-src/ext/gd/gd_ctx.c?r1=1.15.2.2&r2=1.15.2.2.4.1&ty=u
Index: php-src/ext/gd/gd_ctx.c
diff -u php-src/ext/gd/gd_ctx.c:1.15.2.2 php-src/ext/gd/gd_ctx.c:1.15.2.2.4.1
--- php-src/ext/gd/gd_ctx.c:1.15.2.2    Wed Jan 28 11:27:42 2004
+++ php-src/ext/gd/gd_ctx.c     Thu Oct  6 16:44:52 2005
@@ -73,7 +73,7 @@
        }
 
        if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
-               if (!fn || fn == empty_string || php_check_open_basedir(fn 
TSRMLS_CC)) {
+               if (!fn || fn == empty_string || php_check_open_basedir(fn 
TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", 
CHECKUID_CHECK_FILE_AND_DIR))) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 
filename '%s'", fn);
                        RETURN_FALSE;
                }
http://cvs.php.net/diff.php/php-src/ext/gd/gd.c?r1=1.221.2.56&r2=1.221.2.56.2.1&ty=u
Index: php-src/ext/gd/gd.c
diff -u php-src/ext/gd/gd.c:1.221.2.56 php-src/ext/gd/gd.c:1.221.2.56.2.1
--- php-src/ext/gd/gd.c:1.221.2.56      Fri May  6 12:51:54 2005
+++ php-src/ext/gd/gd.c Thu Oct  6 16:44:52 2005
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: gd.c,v 1.221.2.56 2005/05/06 16:51:54 tony2001 Exp $ */
+/* $Id: gd.c,v 1.221.2.56.2.1 2005/10/06 20:44:52 iliaa Exp $ */
 
 /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, 
    Cold Spring Harbor Labs. */
@@ -1644,7 +1644,7 @@
        }
 
        if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
-               if (!fn || fn == empty_string || php_check_open_basedir(fn 
TSRMLS_CC)) {
+               if (!fn || fn == empty_string || php_check_open_basedir(fn 
TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", 
CHECKUID_CHECK_FILE_AND_DIR))) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 
filename '%s'", fn);
                        RETURN_FALSE;
                }
http://cvs.php.net/diff.php/php-src/ext/curl/curl.c?r1=1.124.2.30.2.1&r2=1.124.2.30.2.2&ty=u
Index: php-src/ext/curl/curl.c
diff -u php-src/ext/curl/curl.c:1.124.2.30.2.1 
php-src/ext/curl/curl.c:1.124.2.30.2.2
--- php-src/ext/curl/curl.c:1.124.2.30.2.1      Wed Oct  5 10:34:36 2005
+++ php-src/ext/curl/curl.c     Thu Oct  6 16:44:55 2005
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: curl.c,v 1.124.2.30.2.1 2005/10/05 14:34:36 iliaa Exp $ */
+/* $Id: curl.c,v 1.124.2.30.2.2 2005/10/06 20:44:55 iliaa Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -66,7 +66,7 @@
 #define CAAZ(s, v) add_assoc_zval_ex(return_value, s, sizeof(s), (zval *) v);
 
 #define PHP_CURL_CHECK_OPEN_BASEDIR(str, len)                                  
                                                                \
-       if (PG(open_basedir) && *PG(open_basedir) &&                            
                    \
+       if (((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) &&       
                                         \
            strncasecmp(str, "file://", sizeof("file://") - 1) == 0)            
                                                \
        {                                                                       
                                                                                
                                \
                php_url *tmp_url;                                               
                                                                                
                \
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.920.2.48&r2=1.1247.2.920.2.49&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.920.2.48 php-src/NEWS:1.1247.2.920.2.49
--- php-src/NEWS:1.1247.2.920.2.48      Thu Oct  6 16:39:24 2005
+++ php-src/NEWS        Thu Oct  6 16:44:56 2005
@@ -1,6 +1,7 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2005, Version 4.4.1
+- Added missing safe_mode checks for image* functions and cURL. (Ilia)
 - Added missing safe_mode/open_basedir checks for file uploads. (Ilia)
 - Fixed possible INI setting leak via virtual() in Apache 2 sapi. (Ilia)
 - Fixed possible crash and/or memory corruption in import_request_variables().

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to