stas Sun, 31 Jul 2011 22:43:21 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=314002
Log: retore open_basedir check for unlink Changed paths: U php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c U php/php-src/trunk/main/streams/plain_wrapper.c Modified: php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c =================================================================== --- php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c 2011-07-31 21:47:03 UTC (rev 314001) +++ php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c 2011-07-31 22:43:21 UTC (rev 314002) @@ -113,7 +113,7 @@ unsigned is_pipe:1; /* don't try and seek */ unsigned cached_fstat:1; /* sb is valid */ unsigned _reserved:29; - + int lock_flag; /* stores the lock state */ char *temp_file_name; /* if non-null, this is the path to a temporary file that * is to be deleted when the stream is closed */ @@ -139,7 +139,7 @@ if (!d->cached_fstat || force) { int fd; int r; - + PHP_STDIOP_GET_FD(fd, d); r = fstat(fd, &d->sb); d->cached_fstat = r == 0; @@ -152,7 +152,7 @@ static php_stream *_php_stream_fopen_from_fd_int(int fd, const char *mode, const char *persistent_id STREAMS_DC TSRMLS_DC) { php_stdio_stream_data *self; - + self = pemalloc_rel_orig(sizeof(*self), persistent_id); memset(self, 0, sizeof(*self)); self->file = NULL; @@ -161,14 +161,14 @@ self->is_process_pipe = 0; self->temp_file_name = NULL; self->fd = fd; - + return php_stream_alloc_rel(&php_stream_stdio_ops, self, persistent_id, mode); } static php_stream *_php_stream_fopen_from_file_int(FILE *file, const char *mode STREAMS_DC TSRMLS_DC) { php_stdio_stream_data *self; - + self = emalloc_rel_orig(sizeof(*self)); memset(self, 0, sizeof(*self)); self->file = file; @@ -213,7 +213,7 @@ self->temp_file_name = opened_path; self->lock_flag = LOCK_UN; - + return stream; } close(fd); @@ -246,7 +246,7 @@ } } #endif - + if (self->is_pipe) { stream->flags |= PHP_STREAM_FLAG_NO_SEEK; } else { @@ -285,7 +285,7 @@ } } #endif - + if (self->is_pipe) { stream->flags |= PHP_STREAM_FLAG_NO_SEEK; } else { @@ -354,9 +354,9 @@ so script can retry if desired */ ret = read(data->fd, buf, count); } - + stream->eof = (ret == 0 || (ret == (size_t)-1 && errno != EWOULDBLOCK && errno != EINTR && errno != EBADF)); - + } else { #if HAVE_FLUSHIO if (!data->is_pipe && data->last_op == 'w') @@ -393,7 +393,7 @@ data->file_mapping = NULL; } #endif - + if (close_handle) { if (data->file) { if (data->is_process_pipe) { @@ -463,14 +463,14 @@ if (data->fd >= 0) { off_t result; - + result = lseek(data->fd, offset, whence); if (result == (off_t)-1) return -1; *newoffset = result; return 0; - + } else { ret = fseek(data->file, offset, whence); *newoffset = ftell(data->file); @@ -484,7 +484,7 @@ php_stdio_stream_data *data = (php_stdio_stream_data*) stream->abstract; assert(data != NULL); - + /* as soon as someone touches the stdio layer, buffering may ensue, * so we need to stop using the fd directly in that case */ @@ -502,7 +502,7 @@ return FAILURE; } } - + *(FILE**)ret = data->file; data->fd = -1; } @@ -558,9 +558,9 @@ int flags; int oldval; #endif - + PHP_STDIOP_GET_FD(fd, data); - + switch(option) { case PHP_STREAM_OPTION_BLOCKING: if (fd == -1) @@ -572,20 +572,20 @@ flags &= ~O_NONBLOCK; else flags |= O_NONBLOCK; - + if (-1 == fcntl(fd, F_SETFL, flags)) return -1; return oldval; #else return -1; /* not yet implemented */ #endif - + case PHP_STREAM_OPTION_WRITE_BUFFER: if (data->file == NULL) { return -1; } - + if (ptrparam) size = *(size_t *)ptrparam; else @@ -594,10 +594,10 @@ switch(value) { case PHP_STREAM_BUFFER_NONE: return setvbuf(data->file, NULL, _IONBF, 0); - + case PHP_STREAM_BUFFER_LINE: return setvbuf(data->file, NULL, _IOLBF, size); - + case PHP_STREAM_BUFFER_FULL: return setvbuf(data->file, NULL, _IOFBF, size); @@ -605,7 +605,7 @@ return -1; } break; - + case PHP_STREAM_OPTION_LOCKING: if (fd == -1) { return -1; @@ -628,7 +628,7 @@ { php_stream_mmap_range *range = (php_stream_mmap_range*)ptrparam; int prot, flags; - + switch (value) { case PHP_STREAM_MMAP_SUPPORTED: return fd == -1 ? PHP_STREAM_OPTION_RETURN_ERR : PHP_STREAM_OPTION_RETURN_OK; @@ -793,7 +793,7 @@ return ftruncate(fd, new_size) == 0 ? PHP_STREAM_OPTION_RETURN_OK : PHP_STREAM_OPTION_RETURN_ERR; } } - + default: return PHP_STREAM_OPTION_RETURN_NOTIMPL; } @@ -866,7 +866,7 @@ if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(path TSRMLS_CC)) { return NULL; } - + dir = VCWD_OPENDIR(path); #ifdef PHP_WIN32 @@ -884,7 +884,7 @@ if (stream == NULL) closedir(dir); } - + return stream; } /* }}} */ @@ -932,7 +932,7 @@ return ret; } } - + fd = open(realpath, open_flags, 0666); if (fd != -1) { @@ -1035,6 +1035,10 @@ url = p + 3; } + if (php_check_open_basedir(url TSRMLS_CC)) { + return 0; + } + ret = VCWD_UNLINK(url); if (ret == -1) { if (options & REPORT_ERRORS) { @@ -1165,7 +1169,7 @@ } if (p && dir_len == 1) { - /* buf == "DEFAULT_SLASH" */ + /* buf == "DEFAULT_SLASH" */ } else { /* find a top level directory we need to create */ @@ -1405,7 +1409,7 @@ return php_stream_fopen_rel(filename, mode, opened_path, options); } - + #ifdef PHP_WIN32 if (IS_SLASH(filename[0])) { size_t cwd_len; @@ -1413,17 +1417,17 @@ cwd = virtual_getcwd_ex(&cwd_len TSRMLS_CC); /* getcwd() will return always return [DRIVE_LETTER]:/) on windows. */ *(cwd+3) = '\0'; - + if (snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename) >= MAXPATHLEN) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", cwd, filename, MAXPATHLEN); } - + free(cwd); - + if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) { return NULL; } - + return php_stream_fopen_rel(trypath, mode, opened_path, options); } #endif @@ -1475,7 +1479,7 @@ if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) { goto stream_skip; } - + stream = php_stream_fopen_rel(trypath, mode, opened_path, options); if (stream) { efree(pathbuf); Modified: php/php-src/trunk/main/streams/plain_wrapper.c =================================================================== --- php/php-src/trunk/main/streams/plain_wrapper.c 2011-07-31 21:47:03 UTC (rev 314001) +++ php/php-src/trunk/main/streams/plain_wrapper.c 2011-07-31 22:43:21 UTC (rev 314002) @@ -1035,6 +1035,10 @@ url = p + 3; } + if (php_check_open_basedir(url TSRMLS_CC)) { + return 0; + } + ret = VCWD_UNLINK(url); if (ret == -1) { if (options & REPORT_ERRORS) {
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php