dmitry Mon Jun 25 08:40:20 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard dir.c /php-src/ext/standard/tests/file bug41655_1.phpt Log: Better fix for bug #41655 http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.147.2.3.2.7&r2=1.147.2.3.2.8&diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.147.2.3.2.7 php-src/ext/standard/dir.c:1.147.2.3.2.8 --- php-src/ext/standard/dir.c:1.147.2.3.2.7 Thu Jun 14 23:28:06 2007 +++ php-src/ext/standard/dir.c Mon Jun 25 08:40:20 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: dir.c,v 1.147.2.3.2.7 2007/06/14 23:28:06 iliaa Exp $ */ +/* $Id: dir.c,v 1.147.2.3.2.8 2007/06/25 08:40:20 dmitry Exp $ */ /* {{{ includes/startup/misc */ @@ -397,19 +397,19 @@ #endif if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; - - pattern[base_len] = '\0'; - - if (PG(safe_mode) && (!php_checkuid(pattern, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + int pattern_len = strlen(pattern); + char *basename = estrndup(pattern, pattern_len); + + php_dirname(basename, pattern_len); + if (PG(safe_mode) && (!php_checkuid(basename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + efree(basename); RETURN_FALSE; } - if (php_check_open_basedir(pattern TSRMLS_CC)) { + if (php_check_open_basedir(basename TSRMLS_CC)) { + efree(basename); RETURN_FALSE; } - - pattern[base_len] = pos; + efree(basename); } globbuf.gl_offs = 0; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_1.phpt?r1=1.1.4.2&r2=1.1.4.3&diff_format=u Index: php-src/ext/standard/tests/file/bug41655_1.phpt diff -u php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.2 php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.3 --- php-src/ext/standard/tests/file/bug41655_1.phpt:1.1.4.2 Fri Jun 22 12:35:41 2007 +++ php-src/ext/standard/tests/file/bug41655_1.phpt Mon Jun 25 08:40:20 2007 @@ -7,4 +7,4 @@ $a=glob("./*.jpeg"); ?> --EXPECTF-- -Warning: glob() [%s]: open_basedir restriction in effect. File(.) is not within the allowed path(s): (/tmp) in %s on line %d +Warning: glob(): open_basedir restriction in effect. File(.) is not within the allowed path(s): (/tmp) in %s on line %d
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php