file bug41655_1.phpt

Dmitry Stogov Mon, 25 Jun 2007 01:40:32 -0700

dmitry          Mon Jun 25 08:40:20 2007 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/standard       dir.c 
    /php-src/ext/standard/tests/file    bug41655_1.phpt 
  Log:
  Better fix for bug #41655
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.147.2.3.2.7&r2=1.147.2.3.2.8&diff_format=u
Index: php-src/ext/standard/dir.c
diff -u php-src/ext/standard/dir.c:1.147.2.3.2.7 
php-src/ext/standard/dir.c:1.147.2.3.2.8
--- php-src/ext/standard/dir.c:1.147.2.3.2.7    Thu Jun 14 23:28:06 2007
+++ php-src/ext/standard/dir.c  Mon Jun 25 08:40:20 2007
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: dir.c,v 1.147.2.3.2.7 2007/06/14 23:28:06 iliaa Exp $ */
+/* $Id: dir.c,v 1.147.2.3.2.8 2007/06/25 08:40:20 dmitry Exp $ */
 
 /* {{{ includes/startup/misc */
 
@@ -397,19 +397,19 @@
 #endif
 
        if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) {
-               size_t base_len = php_dirname(pattern, strlen(pattern));
-               char pos = pattern[base_len];
-
-               pattern[base_len] = '\0';
-
-               if (PG(safe_mode) && (!php_checkuid(pattern, NULL, 
CHECKUID_CHECK_FILE_AND_DIR))) {
+               int pattern_len = strlen(pattern);
+               char *basename = estrndup(pattern, pattern_len);
+               
+               php_dirname(basename, pattern_len);
+               if (PG(safe_mode) && (!php_checkuid(basename, NULL, 
CHECKUID_CHECK_FILE_AND_DIR))) {
+                       efree(basename);
                        RETURN_FALSE;
                }
-               if (php_check_open_basedir(pattern TSRMLS_CC)) {
+               if (php_check_open_basedir(basename TSRMLS_CC)) {
+                       efree(basename);
                        RETURN_FALSE;
                }
-
-               pattern[base_len] = pos;
+               efree(basename);
        }
 
        globbuf.gl_offs = 0;
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_1.phpt?r1=1.1.4.2&r2=1.1.4.3&diff_format=u
Index: php-src/ext/standard/tests/file/bug41655_1.phpt
diff -u php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.2 
php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.3
--- php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.2     Fri Jun 22 
12:35:41 2007
+++ php-src/ext/standard/tests/file/bug41655_1.phpt     Mon Jun 25 08:40:20 2007
@@ -7,4 +7,4 @@
        $a=glob("./*.jpeg");
 ?>
 --EXPECTF--
-Warning: glob() [%s]: open_basedir restriction in effect. File(.) is not 
within the allowed path(s): (/tmp) in %s on line %d
+Warning: glob(): open_basedir restriction in effect. File(.) is not within the 
allowed path(s): (/tmp) in %s on line %d


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_2) /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt

Reply via email to