ab5602 Wed Oct 10 23:54:39 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/main safe_mode.c
Log:
Fix for bug 41899, safe mode and relative paths with Solaris's broken
getcwd().
http://cvs.php.net/viewvc.cgi/php-src/main/safe_mode.c?r1=1.62.2.1.2.10&r2=1.62.2.1.2.11&diff_format=u
Index: php-src/main/safe_mode.c
diff -u php-src/main/safe_mode.c:1.62.2.1.2.10
php-src/main/safe_mode.c:1.62.2.1.2.11
--- php-src/main/safe_mode.c:1.62.2.1.2.10 Sun Sep 23 15:19:21 2007
+++ php-src/main/safe_mode.c Wed Oct 10 23:54:39 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: safe_mode.c,v 1.62.2.1.2.10 2007/09/23 15:19:21 iliaa Exp $ */
+/* $Id: safe_mode.c,v 1.62.2.1.2.11 2007/10/10 23:54:39 ab5602 Exp $ */
#include "php.h"
@@ -86,7 +86,15 @@
* If that fails, passthrough and check directory...
*/
if (mode != CHECKUID_ALLOW_ONLY_DIR) {
- expand_filepath(filename, path TSRMLS_CC);
+
+ char ftest[MAXPATHLEN];
+ strcpy(ftest,filename);
+ if (VCWD_GETCWD(ftest, sizeof(ftest)) == NULL) {
+ strcpy(path,filename);
+ } else {
+ expand_filepath(filename, path TSRMLS_CC);
+ }
+
ret = VCWD_STAT(path, &sb);
if (ret < 0) {
if (mode == CHECKUID_DISALLOW_FILE_NOT_EXISTS) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
