pajoye Thu Apr 30 15:25:05 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard exec.c Log: - #45997, safe_mode bypass with exec/sytem/passthru (windows only) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.12&r2=1.113.2.3.2.13&diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.12 php-src/ext/standard/exec.c:1.113.2.3.2.13 --- php-src/ext/standard/exec.c:1.113.2.3.2.12 Sun Apr 19 15:01:11 2009 +++ php-src/ext/standard/exec.c Thu Apr 30 15:25:05 2009 @@ -16,7 +16,7 @@ | Ilia Alshanetsky <il...@php.net> | +----------------------------------------------------------------------+ */ -/* $Id: exec.c,v 1.113.2.3.2.12 2009/04/19 15:01:11 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.13 2009/04/30 15:25:05 pajoye Exp $ */ #include <stdio.h> #include "php.h" @@ -80,6 +80,12 @@ goto err; } b = strrchr(cmd, PHP_DIR_SEPARATOR); +#ifdef PHP_WIN32 + if (b && *b == '\\' && b == cmd) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid absolute path."); + goto err; + } +#endif spprintf(&d, 0, "%s%s%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : cmd), (c ? " " : ""), (c ? c : "")); if (c) { *(c - 1) = ' ';
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php