iliaa Thu Apr 6 02:39:55 2006 UTC
Modified files: (Branch: PHP_5_1)
/php-src/ext/standard file.c
/php-src NEWS
Log:
Fixed safe_mode check for source argument of the copy() function.
http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/file.c?r1=1.409.2.5&r2=1.409.2.6&diff_format=u
Index: php-src/ext/standard/file.c
diff -u php-src/ext/standard/file.c:1.409.2.5
php-src/ext/standard/file.c:1.409.2.6
--- php-src/ext/standard/file.c:1.409.2.5 Mon Mar 27 23:40:41 2006
+++ php-src/ext/standard/file.c Thu Apr 6 02:39:55 2006
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: file.c,v 1.409.2.5 2006/03/27 23:40:41 iliaa Exp $ */
+/* $Id: file.c,v 1.409.2.6 2006/04/06 02:39:55 iliaa Exp $ */
/* Synced with php 3.0 revision 1.218 1999-06-16 [ssb] */
@@ -1767,7 +1767,7 @@
}
safe_to_copy:
- srcstream = php_stream_open_wrapper(src, "rb",
STREAM_DISABLE_OPEN_BASEDIR | REPORT_ERRORS, NULL);
+ srcstream = php_stream_open_wrapper(src, "rb", ENFORCE_SAFE_MODE |
REPORT_ERRORS, NULL);
if (!srcstream) {
return ret;
http://cvs.php.net/viewcvs.cgi/php-src/NEWS?r1=1.2027.2.495&r2=1.2027.2.496&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.495 php-src/NEWS:1.2027.2.496
--- php-src/NEWS:1.2027.2.495 Wed Apr 5 14:08:18 2006
+++ php-src/NEWS Thu Apr 6 02:39:55 2006
@@ -1,6 +1,7 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
30 Mar 2006, PHP 5.1.3RC2
+- Fixed safe_mode check for source argument of the copy() function. (Ilia)
- Fixed mysqli bigint conversion under Windows (Georg)
- Fixed XSS inside phpinfo() with long inputs. (Ilia)
- Check 2nd parameter of tempnam() against path components. (Ilia)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
