Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_2/ NEWS main/fopen_wrappers.c

Fri, 10 Dec 2010 14:00:51 -0800 

Going to see if we can add one.

On Fri, Dec 10, 2010 at 4:33 PM, Christopher Jones
<christopher.jo...@oracle.com> wrote:
>
> Is there a test for this?
>
> Chris
>
> On 12/10/2010 04:50 AM, Ilia Alshanetsky wrote:
>>
>> iliaa                                    Fri, 10 Dec 2010 12:50:25 +0000
>>
>> Revision: http://svn.php.net/viewvc?view=revision&revision=306184
>>
>> Log:
>> Fixed bug #53516 (Regression in open_basedir handling).
>>
>> Bug: http://bugs.php.net/53516 (Open) open_basedir BUG introduced in PHP
>> 5.2.15
>>
>> Changed paths:
>>     U   php/php-src/branches/PHP_5_2/NEWS
>>     U   php/php-src/branches/PHP_5_2/main/fopen_wrappers.c
>>
>> Modified: php/php-src/branches/PHP_5_2/NEWS
>> ===================================================================
>> --- php/php-src/branches/PHP_5_2/NEWS   2010-12-10 11:52:13 UTC (rev
>> 306183)
>> +++ php/php-src/branches/PHP_5_2/NEWS   2010-12-10 12:50:25 UTC (rev
>> 306184)
>> @@ -1,6 +1,7 @@
>>  PHP
>>    NEWS
>>
>>  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
>>  ?? ??? ????, PHP 5.2.16
>> +- Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
>>
>>  09 Dec 2010, PHP 5.2.15
>>  - Fixed extract() to do not overwrite $GLOBALS and $this when using
>>
>> Modified: php/php-src/branches/PHP_5_2/main/fopen_wrappers.c
>> ===================================================================
>> --- php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10
>> 11:52:13 UTC (rev 306183)
>> +++ php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10
>> 12:50:25 UTC (rev 306184)
>> @@ -192,7 +192,7 @@
>>                if (strncmp(resolved_basedir, resolved_name,
>> resolved_basedir_len) == 0) {
>>  #endif
>>                        if (resolved_name_len>  resolved_basedir_len&&
>> -                               resolved_name[resolved_basedir_len] !=
>> PHP_DIR_SEPARATOR) {
>> +                               resolved_name[resolved_basedir_len - 1] !=
>> PHP_DIR_SEPARATOR) {
>>                                return -1;
>>                        } else {
>>                                /* File is in the right directory */
>>
>>
>
> --
> Email: christopher.jo...@oracle.com
> Tel:  +1 650 506 8630
> Blog:  http://blogs.oracle.com/opal/
>

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to