pajoye          Thu Apr 16 09:47:33 2009 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/curl   interface.c 
  Log:
  - disable file:// when safe_mode or open_basedir are enabled
  
http://cvs.php.net/viewvc.cgi/php-src/ext/curl/interface.c?r1=1.62.2.14.2.43&r2=1.62.2.14.2.44&diff_format=u
Index: php-src/ext/curl/interface.c
diff -u php-src/ext/curl/interface.c:1.62.2.14.2.43 
php-src/ext/curl/interface.c:1.62.2.14.2.44
--- php-src/ext/curl/interface.c:1.62.2.14.2.43 Mon Mar 16 15:09:51 2009
+++ php-src/ext/curl/interface.c        Thu Apr 16 09:47:33 2009
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: interface.c,v 1.62.2.14.2.43 2009/03/16 15:09:51 felipe Exp $ */
+/* $Id: interface.c,v 1.62.2.14.2.44 2009/04/16 09:47:33 pajoye Exp $ */
 
 #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
 
@@ -162,31 +162,43 @@
  #define php_curl_ret(__ret) RETVAL_FALSE; return;
 #endif
 
-#define PHP_CURL_CHECK_OPEN_BASEDIR(str, len, __ret)                           
                                                                        \
-       if (((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) &&       
                                         \
-           strncasecmp(str, "file:", sizeof("file:") - 1) == 0)                
                                                \
-       {                                                                       
                                                                                
                                \
-               php_url *tmp_url;                                               
                                                                                
                \
-                                                                               
                                        \
-               if (!(tmp_url = php_url_parse_ex(str, len))) {                  
                                                                \
-                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 
URL '%s'", str);                           \
-                       php_curl_ret(__ret);                                    
                                                \
-               }                                                               
                                        \
-                                                                               
                                        \
-               if (tmp_url->host || !php_memnstr(str, tmp_url->path, 
strlen(tmp_url->path), str + len)) {                              \
-                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL '%s' 
contains unencoded control characters", str);     \
-                       php_url_free(tmp_url);                                  
                                                                                
        \
-                       php_curl_ret(__ret);                                    
                                                \
-               }                                                               
                                        \
-                                                                               
                                                                                
                                \
-               if (tmp_url->query || tmp_url->fragment || 
php_check_open_basedir(tmp_url->path TSRMLS_CC) ||                              
                                     \
-                       (PG(safe_mode) && !php_checkuid(tmp_url->path, "rb+", 
CHECKUID_CHECK_MODE_PARAM))       \
-               ) {                                                             
                                                                                
                        \
-                       php_url_free(tmp_url);                                  
                                                                                
        \
-                       php_curl_ret(__ret);                                    
                                                \
-               }                                                               
                                                                                
                                \
-               php_url_free(tmp_url);                                          
                                                                                
        \
+static int php_curl_option_url(php_curl *ch, const char *url, const int len) {
+       CURLcode     error=CURLE_OK;
+#if LIBCURL_VERSION_NUM < 0x071100
+       char *copystr = NULL;
+#endif
+
+       /* Disable file:// if open_basedir or safe_mode are used */
+       if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
+#if LIBCURL_VERSION_NUM >= 0x071304
+               error = curl_easy_setopt(ch->cp, CURLOPT_PROTOCOLS, 
CURLPROTO_ALL & ~CURLPROTO_FILE);
+#else
+               php_url *uri;
+
+               if (!(uri = php_url_parse_ex(url, len))) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 
URL '%s'", url);
+                       return 0;
+               }
+
+               if (!strncasecmp("file", uri->scheme, sizeof("file"))) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Protocol 
'file' disabled in cURL");
+                       php_url_free(uri);
+                       return 0;
+               }
+               php_url_free(uri);
+#endif
        }
+       /* Strings passed to libcurl as 'char *' arguments, are copied by the 
library... NOTE: before 7.17.0 strings were not copied. */
+#if LIBCURL_VERSION_NUM >= 0x071100
+       error = curl_easy_setopt(ch->cp, CURLOPT_URL, url);
+#else
+       copystr = estrndup(url, len);
+       error = curl_easy_setopt(ch->cp, CURLOPT_URL, copystr);
+       zend_llist_add_element(&ch->to_free.str, &copystr);
+#endif
+
+       return (error == CURLE_OK ? 1 : 0);
+}
 
 /* {{{ arginfo */
 static
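Review bot: In the pre-7.19.4 fallback of php_curl_option_url, `strncasecmp("file", uri->scheme, sizeof("file"))` reads uri->scheme without a NULL check. The removed macro tested tmp_url->host and tmp_url->query for NULL, which suggests php_url leaves absent components NULL, so a URL with no scheme would likely crash here; guard it with `if (uri->scheme && !strncasecmp("file", uri->scheme, sizeof("file"))) {`. Separately, in the newer-libcurl branch the result of the CURLOPT_PROTOCOLS call is stored in `error` and then overwritten by the CURLOPT_URL call, so a failure to apply the restriction is never reported. Adding `if (error != CURLE_OK) return 0;` directly after the CURLOPT_PROTOCOLS call keeps the URL from being set on a handle that still permits file://. A one-line header comment stating that the helper returns 1 on success and 0 on failure would also help callers.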
@@ -1120,7 +1132,6 @@
 
        if (argc > 0) {
                convert_to_string_ex(url);
-               PHP_CURL_CHECK_OPEN_BASEDIR(Z_STRVAL_PP(url), Z_STRLEN_PP(url), 
(void) NULL);
        }
 
        cp = curl_easy_init();
@@ -1158,15 +1169,9 @@
 #endif
 
        if (argc > 0) {
-#if LIBCURL_VERSION_NUM >= 0x071100
-               curl_easy_setopt(ch->cp, CURLOPT_URL, Z_STRVAL_PP(url));
-#else
-               char *urlcopy;
-
-               urlcopy = estrndup(Z_STRVAL_PP(url), Z_STRLEN_PP(url));
-               curl_easy_setopt(ch->cp, CURLOPT_URL, urlcopy);
-               zend_llist_add_element(&ch->to_free.str, &urlcopy);
-#endif
+               if (!php_curl_option_url(ch, Z_STRVAL_PP(url), 
Z_STRLEN_PP(url))) {
+                       RETURN_FALSE;
+               }
        }
 
        ZEND_REGISTER_RESOURCE(return_value, ch, le_curl);
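Review bot: The new `RETURN_FALSE` taken when php_curl_option_url fails runs before `ZEND_REGISTER_RESOURCE(return_value, ch, le_curl)`, so ch and its easy handle are not yet owned by a resource and appear to leak on this path. The allocation lies outside the hunk, so confirm it there. Release the handle before returning, using whatever teardown the file already applies to ch, and mark the branch with a comment such as `/* URL rejected: free the unregistered handle before bailing out */`. The enclosing function starts and ends outside the hunk.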
@@ -1370,18 +1375,20 @@
                        convert_to_string_ex(zvalue);
 
                        if (option == CURLOPT_URL) {
-                               
PHP_CURL_CHECK_OPEN_BASEDIR(Z_STRVAL_PP(zvalue), Z_STRLEN_PP(zvalue), 1);
-                       }
-
+                               if (!php_curl_option_url(ch, 
Z_STRVAL_PP(zvalue), Z_STRLEN_PP(zvalue))) {
+                                       RETVAL_FALSE;
+                                       return 1;
+                               }
+                       } else {
 #if LIBCURL_VERSION_NUM >= 0x071100
-                       /* Strings passed to libcurl as ’char *’ arguments, 
are copied by the library... NOTE: before 7.17.0 strings were not copied. */
-                       error = curl_easy_setopt(ch->cp, option, 
Z_STRVAL_PP(zvalue));
+                               /* Strings passed to libcurl as ’char *’ 
arguments, are copied by the library... NOTE: before 7.17.0 strings were not 
copied. */
+                               error = curl_easy_setopt(ch->cp, option, 
Z_STRVAL_PP(zvalue));
 #else
-                       copystr = estrndup(Z_STRVAL_PP(zvalue), 
Z_STRLEN_PP(zvalue));
-                       error = curl_easy_setopt(ch->cp, option, copystr);
-                       zend_llist_add_element(&ch->to_free.str, &copystr);
+                               copystr = estrndup(Z_STRVAL_PP(zvalue), 
Z_STRLEN_PP(zvalue));
+                               error = curl_easy_setopt(ch->cp, option, 
copystr);
+                               zend_llist_add_element(&ch->to_free.str, 
&copystr);
 #endif
-
+                       }
                        break;
                }
                case CURLOPT_FILE:


