pajoye                                   Thu, 26 Aug 2010 14:23:17 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=302801

Log:
- Symlink resolution fails when target is a DFS path

Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/TSRM/tsrm_virtual_cwd.c
    U   php/php-src/trunk/TSRM/tsrm_virtual_cwd.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2010-08-26 13:35:20 UTC (rev 302800)
+++ php/php-src/branches/PHP_5_3/NEWS   2010-08-26 14:23:17 UTC (rev 302801)
@@ -9,7 +9,8 @@
 - Added new character sets to mysqlnd, which are available in MySQL 5.5
   (Andrey)

-- Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950) (Pierre)
+- Fixed symbolic resolution support when the target is a DFS share. (Pierre)
+- Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). (Pierre)
 - Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED.
   (Kalle)
 - Changed the $context parameter on copy() to actually have an effect. (Kalle)

Modified: php/php-src/branches/PHP_5_3/TSRM/tsrm_virtual_cwd.c
===================================================================
--- php/php-src/branches/PHP_5_3/TSRM/tsrm_virtual_cwd.c        2010-08-26 
13:35:20 UTC (rev 302800)
+++ php/php-src/branches/PHP_5_3/TSRM/tsrm_virtual_cwd.c        2010-08-26 
14:23:17 UTC (rev 302801)
@@ -811,8 +811,10 @@
                                   
\\?\Volume{62d1c3f8-83b9-11de-b108-806e6f6e6963}\foo
                                */
                                if (strncmp(substitutename, "\\??\\Volume{",11) 
== 0
-                                       || strncmp(substitutename, 
"\\\\?\\Volume{",11) == 0) {
-                                       isVolume = TRUE;
+                                       || strncmp(substitutename, 
"\\\\?\\Volume{",11) == 0
+                                       || strncmp(substitutename, 
"\\??\\UNC\\", 8) == 0
+                                       ) {
+                                       isVolume = TRUE;
                                        substitutename_off = 0;
                                } else
                                        /* do not use the \??\ and \\?\ prefix*/

Modified: php/php-src/trunk/TSRM/tsrm_virtual_cwd.c
===================================================================
--- php/php-src/trunk/TSRM/tsrm_virtual_cwd.c   2010-08-26 13:35:20 UTC (rev 
302800)
+++ php/php-src/trunk/TSRM/tsrm_virtual_cwd.c   2010-08-26 14:23:17 UTC (rev 
302801)
@@ -811,7 +811,9 @@
                                   
\\?\Volume{62d1c3f8-83b9-11de-b108-806e6f6e6963}\foo
                                */
                                if (strncmp(substitutename, "\\??\\Volume{",11) 
== 0
-                                       || strncmp(substitutename, 
"\\\\?\\Volume{",11) == 0) {
+                                       || strncmp(substitutename, 
"\\\\?\\Volume{",11) == 0
+                                       || strncmp(substitutename, 
"\\??\\UNC\\", 8) == 0
+                                       ) {
                                        isVolume = TRUE;
                                        substitutename_off = 0;
                                } else

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to