kalle Mon, 26 Apr 2010 23:55:03 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=298626
Log: Merge safe_mode changes into extensions that are in sync in both branches Changed paths: U php/php-src/branches/PHP_5_3/ext/enchant/enchant.c U php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch U php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c U php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt U php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c U php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c U php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c U php/php-src/branches/PHP_5_3/ext/phar/phar.c U php/php-src/branches/PHP_5_3/ext/phar/phar_object.c U php/php-src/branches/PHP_5_3/ext/phar/util.c U php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c U php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt U php/php-src/branches/PHP_5_3/ext/zip/php_zip.c U php/php-src/branches/PHP_5_3/ext/zip/php_zip.h U php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c
Modified: php/php-src/branches/PHP_5_3/ext/enchant/enchant.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/enchant/enchant.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/enchant/enchant.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -587,7 +587,11 @@ RETURN_FALSE; } +#if PHP_API_VERSION < 20100412 if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) { +#else + if (php_check_open_basedir(pwl TSRMLS_CC)) { +#endif RETURN_FALSE; } Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -167,7 +167,7 @@ /* {{{ finfo_class_functions */ -function_entry finfo_class_functions[] = { +zend_function_entry finfo_class_functions[] = { ZEND_ME_MAPPING(finfo, finfo_open, arginfo_finfo_open, ZEND_ACC_PUBLIC) ZEND_ME_MAPPING(set_flags, finfo_set_flags,arginfo_finfo_method_set_flags, ZEND_ACC_PUBLIC) ZEND_ME_MAPPING(file, finfo_file, arginfo_finfo_method_file, ZEND_ACC_PUBLIC) @@ -201,7 +201,7 @@ /* {{{ fileinfo_functions[] */ -function_entry fileinfo_functions[] = { +zend_function_entry fileinfo_functions[] = { PHP_FE(finfo_open, arginfo_finfo_open) PHP_FE(finfo_close, arginfo_finfo_close) PHP_FE(finfo_set_flags, arginfo_finfo_set_flags) @@ -297,7 +297,11 @@ } file = resolved_path; +#if PHP_API_VERSION < 20100412 if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) { +#else + if (php_check_open_basedir(file TSRMLS_CC)) { +#endif RETURN_FALSE; } } @@ -492,8 +496,11 @@ if (wrap) { php_stream_context *context = php_stream_context_from_zval(zcontext, 0); - +#if PHP_API_VERSION < 20100412 php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); +#else + php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", REPORT_ERRORS, NULL, context); +#endif if (!stream) { RETVAL_FALSE; Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -597,7 +597,7 @@ TSRMLS_FETCH(); -#if (PHP_MAJOR_VERSION < 6) +#if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL); @@ -2041,7 +2041,7 @@ if (dbname == NULL) goto error2; -#if (PHP_MAJOR_VERSION < 6) +#if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL); @@ -2165,7 +2165,7 @@ } /* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */ -#if (PHP_MAJOR_VERSION < 6) +#if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL); Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -1131,7 +1131,7 @@ break; case CDF_FILETIME: tp = info[i].pi_tp; -#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 +#if defined(PHP_WIN32) && _MSC_VER <= 1500 if (tp < 1000000000000000i64) { #else if (tp < 1000000000000000LL) { Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h 2010-04-26 23:55:03 UTC (rev 298626) @@ -42,7 +42,7 @@ typedef struct { uint64_t h_magic; -#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 +#if defined(PHP_WIN32) && _MSC_VER <= 1500 # define CDF_MAGIC 0xE11AB1A1E011CFD0i64 #else # define CDF_MAGIC 0xE11AB1A1E011CFD0LL Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -290,7 +290,7 @@ if (!stream && inname) { no_in_stream = 1; -#if (PHP_MAJOR_VERSION < 6) +#if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL); Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -110,7 +110,7 @@ case CDF_FILETIME: tp = info[i].pi_tp; if (tp != 0) { -#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 +#if defined(PHP_WIN32) && _MSC_VER <= 1500 if (tp < 1000000000000000i64) { #else if (tp < 1000000000000000LL) { Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch =================================================================== --- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch 2010-04-26 23:55:03 UTC (rev 298626) @@ -257,7 +257,7 @@ + + TSRMLS_FETCH(); + -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); +#else + stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL); @@ -490,7 +490,7 @@ goto error2; - if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1) -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); +#else + stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL); @@ -647,7 +647,7 @@ - if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) { +/* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */ -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); +#else + stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL); @@ -799,7 +799,7 @@ break; case CDF_FILETIME: tp = info[i].pi_tp; -+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 ++#if defined(PHP_WIN32) && _MSC_VER <= 1500 + if (tp < 1000000000000000i64) { +#else if (tp < 1000000000000000LL) { @@ -822,7 +822,7 @@ typedef struct { uint64_t h_magic; -#define CDF_MAGIC 0xE11AB1A1E011CFD0LL -+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 ++#if defined(PHP_WIN32) && _MSC_VER <= 1500 +# define CDF_MAGIC 0xE11AB1A1E011CFD0i64 +#else +# define CDF_MAGIC 0xE11AB1A1E011CFD0LL @@ -2019,7 +2019,7 @@ + + if (!stream && inname) { + no_in_stream = 1; -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); +#else + stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL); @@ -2392,7 +2392,7 @@ case CDF_FILETIME: tp = info[i].pi_tp; if (tp != 0) { -+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500 ++#if defined(PHP_WIN32) && _MSC_VER <= 1500 + if (tp < 1000000000000000i64) { +#else if (tp < 1000000000000000LL) { @@ -2773,7 +2773,7 @@ + + convert_libmagic_pattern(pattern, options); + -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + if ((pce = pcre_get_compiled_regex_cache(Z_STRVAL_P(pattern), Z_STRLEN_P(pattern) TSRMLS_CC)) == NULL) { #else - pmatch[0].rm_so = 0; @@ -2800,7 +2800,7 @@ + haystack = estrndup(ms->search.s, ms->search.s_len); + + /* match v = 0, no match v = 1 */ -+#if (PHP_MAJOR_VERSION < 6) ++#if PHP_API_VERSION < 20100412 + php_pcre_match_impl(pce, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC); +#else + php_pcre_match_impl(pce, IS_STRING, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC); Modified: php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -664,7 +664,11 @@ } /* disable local infile option for open_basedir */ +#if PHP_API_VERSION < 20100412 if (((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) && (client_flags & CLIENT_LOCAL_FILES)) { +#else + if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') && (client_flags & CLIENT_LOCAL_FILES)) { +#endif client_flags ^= CLIENT_LOCAL_FILES; } Modified: php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt 2010-04-26 23:55:03 UTC (rev 298626) @@ -26,7 +26,6 @@ } ?> --INI-- -safe_mode=0 open_basedir="." --FILE-- <?php Modified: php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -1674,7 +1674,11 @@ } MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED); +#if PHP_API_VERSION < 20100412 if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) { +#else + if (PG(open_basedir) && PG(open_basedir)[0] != '\0') { +#endif if(mysql_option == MYSQL_OPT_LOCAL_INFILE) { RETURN_FALSE; } Modified: php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -102,7 +102,11 @@ static enum_func_status MYSQLND_METHOD(mysqlnd_net, connect)(MYSQLND_NET * net, const char * const scheme, size_t scheme_len, zend_bool persistent, char **errstr, int * errcode TSRMLS_DC) { +#if PHP_API_VERSION < 20100412 unsigned int streams_options = ENFORCE_SAFE_MODE; +#else + unsigned int streams_options = 0; +#endif unsigned int streams_flags = STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT; char * hashed_details = NULL; int hashed_details_len = 0; Modified: php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -649,7 +649,7 @@ goto cleanup; } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) #else if (PG(open_basedir) && PG(open_basedir)[0] != '\0') Modified: php/php-src/branches/PHP_5_3/ext/phar/phar.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/phar/phar.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/phar/phar.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -1327,7 +1327,7 @@ if (!pphar) { pphar = &mydata; } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { return FAILURE; } @@ -1491,7 +1491,7 @@ } else if (error && *error) { return FAILURE; } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { return FAILURE; } @@ -2359,7 +2359,7 @@ FREE_ZVAL(halt_constant); -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { return FAILURE; } Modified: php/php-src/branches/PHP_5_3/ext/phar/phar_object.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/phar/phar_object.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/phar/phar_object.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -1754,7 +1754,7 @@ return ZEND_HASH_APPLY_STOP; } } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC, "Iterator %v returned a path \"%s\" that safe mode prevents opening", ce->name, fname); @@ -3943,7 +3943,7 @@ return; } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { zend_throw_exception_ex(spl_ce_RuntimeException, 0 TSRMLS_CC, "phar error: unable to open file \"%s\" to add to phar archive, safe_mode restrictions prevent this", fname); return; @@ -4187,11 +4187,11 @@ } } /* }}} */ -#if (PHP_MAJOR_VERSION < 6) -#define OPENBASEDIR_CHECKPATH(filename) \ +#if PHP_API_VERSION < 20100412 +#define PHAR_OPENBASEDIR_CHECKPATH(filename) \ (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC) #else -#define OPENBASEDIR_CHECKPATH(filename) \ +#define PHAR_OPENBASEDIR_CHECKPATH(filename) \ php_check_open_basedir(filename TSRMLS_CC) #endif @@ -4235,7 +4235,7 @@ return FAILURE; } - if (OPENBASEDIR_CHECKPATH(fullpath)) { + if (PHAR_OPENBASEDIR_CHECKPATH(fullpath)) { spprintf(error, 4096, "Cannot extract \"%s\" to \"%s\", openbasedir/safe mode restrictions in effect", entry->filename, fullpath); efree(fullpath); return FAILURE; @@ -4285,7 +4285,11 @@ return SUCCESS; } +#if PHP_API_VERSION < 20100412 fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); +#else + fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL); +#endif if (!fp) { spprintf(error, 4096, "Cannot extract \"%s\", could not open for writing \"%s\"", entry->filename, fullpath); Modified: php/php-src/branches/PHP_5_3/ext/phar/util.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/phar/util.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/phar/util.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -201,7 +201,7 @@ entry.tmp = estrndup(filename, filename_len); } } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && !is_phar && (!php_checkuid(entry.tmp, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { efree(entry.tmp); efree(entry.filename); @@ -850,7 +850,7 @@ if (phar_get_pharfp(phar TSRMLS_CC)) { return SUCCESS; } -#if PHP_MAJOR_VERSION < 6 +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(phar->fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) { return FAILURE; } Modified: php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -120,11 +120,13 @@ return; } +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "safe_mode prohibits opening %s", fullpath); efree(fullpath); return; } +#endif if (php_check_open_basedir(fullpath TSRMLS_CC)) { zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "open_basedir prohibits opening %s", fullpath); @@ -158,7 +160,11 @@ } #endif +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { +#else + if (PG(open_basedir) && *PG(open_basedir)) { +#endif sqlite3_set_authorizer(db_obj->db, php_sqlite3_authorizer, NULL); } @@ -1779,14 +1785,18 @@ */ static int php_sqlite3_authorizer(void *autharg, int access_type, const char *arg3, const char *arg4, const char *arg5, const char *arg6) { - TSRMLS_FETCH(); switch (access_type) { case SQLITE_ATTACH: { if (strncmp(arg3, ":memory:", sizeof(":memory:")-1)) { + TSRMLS_FETCH(); + +#if PHP_API_VERSION < 20100412 if (PG(safe_mode) && (!php_checkuid(arg3, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { return SQLITE_DENY; } +#endif + if (php_check_open_basedir(arg3 TSRMLS_CC)) { return SQLITE_DENY; } Modified: php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt 2010-04-26 23:55:03 UTC (rev 298626) @@ -1,5 +1,5 @@ --TEST-- -SQLite3 open_basedir / safe_mode checks +SQLite3 open_basedir checks --SKIPIF-- <?php require_once(dirname(__FILE__) . '/skipif.inc'); ?> --INI-- Modified: php/php-src/branches/PHP_5_3/ext/zip/php_zip.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/php_zip.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/zip/php_zip.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -184,7 +184,7 @@ php_basename(path_cleaned, path_cleaned_len, NULL, 0, &file_basename, (size_t *)&file_basename_len TSRMLS_CC); - if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) { + if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) { efree(file_dirname_fullpath); efree(file_basename); free(new_state.cwd); @@ -238,7 +238,7 @@ * is required, does a file can have a different * safemode status as its parent folder? */ - if (OPENBASEDIR_CHECKPATH(fullpath)) { + if (ZIP_OPENBASEDIR_CHECKPATH(fullpath)) { efree(fullpath); efree(file_dirname_fullpath); efree(file_basename); @@ -255,7 +255,7 @@ return 0; } -#if (PHP_MAJOR_VERSION < 6) +#if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL); @@ -288,7 +288,7 @@ char resolved_path[MAXPATHLEN]; - if (OPENBASEDIR_CHECKPATH(filename)) { + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { return -1; } @@ -530,7 +530,7 @@ /* we assume that any glob pattern will match files from one directory only so checking the dirname of the first match should be sufficient */ strncpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN); - if (OPENBASEDIR_CHECKPATH(cwd)) { + if (ZIP_OPENBASEDIR_CHECKPATH(cwd)) { return -1; } @@ -592,7 +592,7 @@ } #endif - if (OPENBASEDIR_CHECKPATH(path)) { + if (ZIP_OPENBASEDIR_CHECKPATH(path)) { return -1; } @@ -1148,7 +1148,7 @@ RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(filename)) { + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } @@ -1437,7 +1437,7 @@ RETURN_FALSE; } - if (OPENBASEDIR_CHECKPATH(filename)) { + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } Modified: php/php-src/branches/PHP_5_3/ext/zip/php_zip.h =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/php_zip.h 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/zip/php_zip.h 2010-04-26 23:55:03 UTC (rev 298626) @@ -43,12 +43,12 @@ # endif #endif -/* {{{ OPENBASEDIR_CHECKPATH(filename) */ -#if (PHP_MAJOR_VERSION < 6) -# define OPENBASEDIR_CHECKPATH(filename) \ +/* {{{ ZIP_OPENBASEDIR_CHECKPATH(filename) */ +#if PHP_API_VERSION < 20100412 +# define ZIP_OPENBASEDIR_CHECKPATH(filename) \ (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC) #else -#define OPENBASEDIR_CHECKPATH(filename) \ +#define ZIP_OPENBASEDIR_CHECKPATH(filename) \ php_check_open_basedir(filename TSRMLS_CC) #endif /* }}} */ Modified: php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2010-04-26 23:53:30 UTC (rev 298625) +++ php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2010-04-26 23:55:03 UTC (rev 298626) @@ -120,7 +120,7 @@ } if (filename) { - if (OPENBASEDIR_CHECKPATH(filename)) { + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { return NULL; } @@ -201,7 +201,7 @@ php_basename(path, path_len - fragment_len, NULL, 0, &file_basename, &file_basename_len TSRMLS_CC); fragment++; - if (OPENBASEDIR_CHECKPATH(file_dirname)) { + if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname)) { efree(file_basename); return NULL; }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php