[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /main safe_mode.c

Thu, 15 Nov 2007 10:59:03 -0800 

iliaa           Thu Nov 15 18:58:43 2007 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src    NEWS 
    /php-src/main       safe_mode.c 
  Log:
  
  MFB: Fixed bug #43276 (Incomplete fix for bug #42739, mkdir() under 
  safe_mode). 
  
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1011&r2=1.2027.2.547.2.1012&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1011 php-src/NEWS:1.2027.2.547.2.1012
--- php-src/NEWS:1.2027.2.547.2.1011    Wed Nov 14 15:19:29 2007
+++ php-src/NEWS        Thu Nov 15 18:58:43 2007
@@ -4,6 +4,8 @@
 - Fixed bug #43293 (Multiple segfaults in getopt()). (Hannes)
 - Fixed bug #43279 (pg_send_query_params() converts all elements in 'params' 
   to strings). (Ilia)
+- Fixed bug #43276 (Incomplete fix for bug #42739, mkdir() under safe_mode).
+  (Ilia)
 - Fixed bug #43248 (backward compatibility break in realpath()). (Dmitry)
 - Fixed bug #43221 (SimpleXML adding default namespace in addAttribute). (Rob)
 - Fixed bug #43216 (stream_is_local() returns false on "file://"). (Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/main/safe_mode.c?r1=1.62.2.1.2.13&r2=1.62.2.1.2.14&diff_format=u
Index: php-src/main/safe_mode.c
diff -u php-src/main/safe_mode.c:1.62.2.1.2.13 
php-src/main/safe_mode.c:1.62.2.1.2.14
--- php-src/main/safe_mode.c:1.62.2.1.2.13      Thu Oct 11 09:33:53 2007
+++ php-src/main/safe_mode.c    Thu Nov 15 18:58:43 2007
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: safe_mode.c,v 1.62.2.1.2.13 2007/10/11 09:33:53 jani Exp $ */
+/* $Id: safe_mode.c,v 1.62.2.1.2.14 2007/11/15 18:58:43 iliaa Exp $ */
 
 #include "php.h"
 
@@ -122,10 +122,17 @@
 
                /* Trim off filename */
                if ((s = strrchr(path, DEFAULT_SLASH))) {
-                       if (s == path)
-                               path[1] = '\0';
-                       else
+                       if (*(s + 1) == '\0' && s != path) { /* make sure that 
the / is not the last character */
                                *s = '\0';
+                               s = strrchr(path, DEFAULT_SLASH);
+                       }
+                       if (s) {
+                               if (s == path) {
+                                       path[1] = '\0';
+                               } else {
+                                       *s = '\0';
+                               }
+                       }
                }
        } else { /* CHECKUID_ALLOW_ONLY_DIR */
                s = strrchr(filename, DEFAULT_SLASH);

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to