pajoye          Thu Apr 30 15:25:05 2009 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/standard       exec.c 
  Log:
  - #45997, safe_mode bypass with exec/system/passthru (windows only)
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.12&r2=1.113.2.3.2.13&diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.12 
php-src/ext/standard/exec.c:1.113.2.3.2.13
--- php-src/ext/standard/exec.c:1.113.2.3.2.12  Sun Apr 19 15:01:11 2009
+++ php-src/ext/standard/exec.c Thu Apr 30 15:25:05 2009
@@ -16,7 +16,7 @@
    |         Ilia Alshanetsky <il...@php.net>                             |
    +----------------------------------------------------------------------+
  */
-/* $Id: exec.c,v 1.113.2.3.2.12 2009/04/19 15:01:11 iliaa Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.13 2009/04/30 15:25:05 pajoye Exp $ */
 
 #include <stdio.h>
 #include "php.h"
@@ -80,6 +80,12 @@
                        goto err;
                }
                b = strrchr(cmd, PHP_DIR_SEPARATOR);
+#ifdef PHP_WIN32
+               if (b && *b == '\\' && b == cmd) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 
absolute path.");
+                       goto err;
+               }
+#endif
                spprintf(&d, 0, "%s%s%s%s%s", PG(safe_mode_exec_dir), (b ? "" : 
"/"), (b ? b : cmd), (c ? " " : ""), (c ? c : ""));
                if (c) {
                        *(c - 1) = ' ';
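Review bot: The added guard rejects only the case where the last backslash is the first character of `cmd`, and its `*b == '\\'` test is redundant because `b` was just returned by `strrchr(cmd, PHP_DIR_SEPARATOR)`; assuming PHP_DIR_SEPARATOR is a backslash under PHP_WIN32, `if (b == cmd) {` expresses the same condition. Windows also accepts `/` as a path separator, but the lookup searches for the backslash only, so a command written with forward slashes leaves `b` NULL and is appended whole after `"/"` in the `spprintf` that follows. Whether such input stays confined to `safe_mode_exec_dir` depends on validation earlier in the function, which is outside this hunk, so that should be confirmed. I would also add a comment above the `#ifdef` stating which input shape from #45997 is being rejected and why the check is Windows-only, since "Invalid absolute path." alone does not tell a maintainer that this is a safe_mode boundary check. The enclosing function starts and ends outside the hunk.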


