pajoye Fri Jun 22 12:28:06 2007 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/file bug41655_1.phpt bug41655_2.phpt
Modified files: /php-src NEWS /php-src/ext/standard dir.c Log: - fix build - fix regression in glob introduced by #41655 fix and add test cases http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.240&r2=1.1247.2.920.2.241&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.240 php-src/NEWS:1.1247.2.920.2.241 --- php-src/NEWS:1.1247.2.920.2.240 Fri Jun 22 00:10:27 2007 +++ php-src/NEWS Fri Jun 22 12:28:05 2007 @@ -5,6 +5,8 @@ - Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. (Ilia) - Fixed integer overlow in str[c]spn(). (Stas) +- Fixed regression in glob when open_basedir is on introduced by #41655 fix + (Pierre) - Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.109.2.18.2.6&r2=1.109.2.18.2.7&diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.109.2.18.2.6 php-src/ext/standard/dir.c:1.109.2.18.2.7 --- php-src/ext/standard/dir.c:1.109.2.18.2.6 Tue Jun 12 13:48:02 2007 +++ php-src/ext/standard/dir.c Fri Jun 22 12:28:06 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: dir.c,v 1.109.2.18.2.6 2007/06/12 13:48:02 scottmac Exp $ */ +/* $Id: dir.c,v 1.109.2.18.2.7 2007/06/22 12:28:06 pajoye Exp $ */ /* {{{ includes/startup/misc */ @@ -384,19 +384,18 @@ #endif if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; + char *dirname = estrdup(pattern); + php_dirname(dirname, strlen(dirname)); - pattern[base_len] = '\0'; - - if (PG(safe_mode) && (!php_checkuid(pattern, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + if (PG(safe_mode) && (!php_checkuid(dirname, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + efree(dirname); RETURN_FALSE; } - if (php_check_open_basedir(pattern TSRMLS_CC)) { + if (php_check_open_basedir(dirname TSRMLS_CC)) { + efree(dirname); RETURN_FALSE; } - - pattern[base_len] = pos; + efree(dirname); } globbuf.gl_offs = 0; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_1.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/file/bug41655_1.phpt +++ php-src/ext/standard/tests/file/bug41655_1.phpt http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_2.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/file/bug41655_2.phpt +++ php-src/ext/standard/tests/file/bug41655_2.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php