lbarnaud                Mon Aug 11 15:30:44 2008 UTC

  Modified files:              (Branch: PHP_5_3)
    /php-src/tests/security     open_basedir_symlink.phpt 
    /php-src/ext/standard       link.c 
    /php-src/ext/standard/tests/file    symlink_to_symlink.phpt 
  Log:
  MFH: Check the relevant path for open_basedir in symlink()
  
  
http://cvs.php.net/viewvc.cgi/php-src/tests/security/open_basedir_symlink.phpt?r1=1.1.4.2&r2=1.1.4.3&diff_format=u
Index: php-src/tests/security/open_basedir_symlink.phpt
diff -u php-src/tests/security/open_basedir_symlink.phpt:1.1.4.2 
php-src/tests/security/open_basedir_symlink.phpt:1.1.4.3
--- php-src/tests/security/open_basedir_symlink.phpt:1.1.4.2    Fri May  9 
08:39:44 2008
+++ php-src/tests/security/open_basedir_symlink.phpt    Mon Aug 11 15:30:44 2008
@@ -31,6 +31,12 @@
 
 var_dump(symlink($target, $symlink));
 var_dump(unlink($symlink));
+
+var_dump(mkdir("ok2"));
+$symlink = ($directory."/test/ok/ok2/ok.txt");
+var_dump(symlink("../ok.txt", $symlink)); // $target == 
(dirname($symlink)."/".$target) == ($directory."/test/ok/ok.txt");
+var_dump(unlink($symlink));
+
 test_open_basedir_after("symlink");
 ?>
 --CLEAN--
@@ -74,5 +80,8 @@
 bool(false)
 bool(true)
 bool(true)
+bool(true)
+bool(true)
+bool(true)
 *** Finished testing open_basedir configuration [symlink] ***
 
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/link.c?r1=1.52.2.1.2.3.2.3&r2=1.52.2.1.2.3.2.4&diff_format=u
Index: php-src/ext/standard/link.c
diff -u php-src/ext/standard/link.c:1.52.2.1.2.3.2.3 
php-src/ext/standard/link.c:1.52.2.1.2.3.2.4
--- php-src/ext/standard/link.c:1.52.2.1.2.3.2.3        Sun Aug 10 11:54:41 2008
+++ php-src/ext/standard/link.c Mon Aug 11 15:30:44 2008
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: link.c,v 1.52.2.1.2.3.2.3 2008/08/10 11:54:41 lbarnaud Exp $ */
+/* $Id: link.c,v 1.52.2.1.2.3.2.4 2008/08/11 15:30:44 lbarnaud Exp $ */
 
 #include "php.h"
 #include "php_filestat.h"
@@ -49,6 +49,7 @@
 
 #include "safe_mode.h"
 #include "php_link.h"
+#include "php_string.h"
 
 /* {{{ proto string readlink(string filename)
    Return the target of a symbolic link */
@@ -116,12 +117,22 @@
        int ret;
        char source_p[MAXPATHLEN];
        char dest_p[MAXPATHLEN];
+       char dirname[MAXPATHLEN];
+       size_t len;
 
        if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &topath, 
&topath_len, &frompath, &frompath_len) == FAILURE) {
                return;
        }
+       
+       if (!expand_filepath(frompath, source_p TSRMLS_CC)) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or 
directory");
+               RETURN_FALSE;
+       }
 
-       if (!expand_filepath(frompath, source_p TSRMLS_CC) || 
!expand_filepath(topath, dest_p TSRMLS_CC)) {
+       memcpy(dirname, source_p, sizeof(source_p));
+       len = php_dirname(dirname, strlen(dirname));
+
+       if (!expand_filepath_ex(topath, dest_p, dirname, len TSRMLS_CC)) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or 
directory");
                RETURN_FALSE;
        }
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/symlink_to_symlink.phpt?r1=1.1.2.2&r2=1.1.2.3&diff_format=u
Index: php-src/ext/standard/tests/file/symlink_to_symlink.phpt
diff -u php-src/ext/standard/tests/file/symlink_to_symlink.phpt:1.1.2.2 
php-src/ext/standard/tests/file/symlink_to_symlink.phpt:1.1.2.3
--- php-src/ext/standard/tests/file/symlink_to_symlink.phpt:1.1.2.2     Sun Aug 
10 11:54:41 2008
+++ php-src/ext/standard/tests/file/symlink_to_symlink.phpt     Mon Aug 11 
15:30:44 2008
@@ -1,5 +1,11 @@
 --TEST--
 symlink() using a relative path, and symlink() to a symlink
+--SKIPIF--
+<?php
+if (substr(PHP_OS, 0, 3) == 'WIN') {
+    die('skip no symlinks on Windows');
+}
+?>
 --FILE--
 <?php
 $prefix = __FILE__;



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to