stas                                     Sun, 31 Jul 2011 22:43:21 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=314002

Log:
retore open_basedir check for unlink

Changed paths:
    U   php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c
    U   php/php-src/trunk/main/streams/plain_wrapper.c

Modified: php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c
===================================================================
--- php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c   2011-07-31 
21:47:03 UTC (rev 314001)
+++ php/php-src/branches/PHP_5_4/main/streams/plain_wrapper.c   2011-07-31 
22:43:21 UTC (rev 314002)
@@ -113,7 +113,7 @@
        unsigned is_pipe:1;                     /* don't try and seek */
        unsigned cached_fstat:1;        /* sb is valid */
        unsigned _reserved:29;
-
+
        int lock_flag;                  /* stores the lock state */
        char *temp_file_name;   /* if non-null, this is the path to a temporary 
file that
                                                         * is to be deleted 
when the stream is closed */
@@ -139,7 +139,7 @@
        if (!d->cached_fstat || force) {
                int fd;
                int r;
-
+
                PHP_STDIOP_GET_FD(fd, d);
                r = fstat(fd, &d->sb);
                d->cached_fstat = r == 0;
@@ -152,7 +152,7 @@
 static php_stream *_php_stream_fopen_from_fd_int(int fd, const char *mode, 
const char *persistent_id STREAMS_DC TSRMLS_DC)
 {
        php_stdio_stream_data *self;
-
+
        self = pemalloc_rel_orig(sizeof(*self), persistent_id);
        memset(self, 0, sizeof(*self));
        self->file = NULL;
@@ -161,14 +161,14 @@
        self->is_process_pipe = 0;
        self->temp_file_name = NULL;
        self->fd = fd;
-
+
        return php_stream_alloc_rel(&php_stream_stdio_ops, self, persistent_id, 
mode);
 }

 static php_stream *_php_stream_fopen_from_file_int(FILE *file, const char 
*mode STREAMS_DC TSRMLS_DC)
 {
        php_stdio_stream_data *self;
-
+
        self = emalloc_rel_orig(sizeof(*self));
        memset(self, 0, sizeof(*self));
        self->file = file;
@@ -213,7 +213,7 @@

                        self->temp_file_name = opened_path;
                        self->lock_flag = LOCK_UN;
-
+
                        return stream;
                }
                close(fd);
@@ -246,7 +246,7 @@
                        }
                }
 #endif
-
+
                if (self->is_pipe) {
                        stream->flags |= PHP_STREAM_FLAG_NO_SEEK;
                } else {
@@ -285,7 +285,7 @@
                        }
                }
 #endif
-
+
                if (self->is_pipe) {
                        stream->flags |= PHP_STREAM_FLAG_NO_SEEK;
                } else {
@@ -354,9 +354,9 @@
                           so script can retry if desired */
                        ret = read(data->fd, buf, count);
                }
-
+
                stream->eof = (ret == 0 || (ret == (size_t)-1 && errno != 
EWOULDBLOCK && errno != EINTR && errno != EBADF));
-
+
        } else {
 #if HAVE_FLUSHIO
                if (!data->is_pipe && data->last_op == 'w')
@@ -393,7 +393,7 @@
                data->file_mapping = NULL;
        }
 #endif
-
+
        if (close_handle) {
                if (data->file) {
                        if (data->is_process_pipe) {
@@ -463,14 +463,14 @@

        if (data->fd >= 0) {
                off_t result;
-
+
                result = lseek(data->fd, offset, whence);
                if (result == (off_t)-1)
                        return -1;

                *newoffset = result;
                return 0;
-
+
        } else {
                ret = fseek(data->file, offset, whence);
                *newoffset = ftell(data->file);
@@ -484,7 +484,7 @@
        php_stdio_stream_data *data = (php_stdio_stream_data*) stream->abstract;

        assert(data != NULL);
-
+
        /* as soon as someone touches the stdio layer, buffering may ensue,
         * so we need to stop using the fd directly in that case */

@@ -502,7 +502,7 @@
                                                return FAILURE;
                                        }
                                }
-
+
                                *(FILE**)ret = data->file;
                                data->fd = -1;
                        }
@@ -558,9 +558,9 @@
        int flags;
        int oldval;
 #endif
-
+
        PHP_STDIOP_GET_FD(fd, data);
-
+
        switch(option) {
                case PHP_STREAM_OPTION_BLOCKING:
                        if (fd == -1)
@@ -572,20 +572,20 @@
                                flags &= ~O_NONBLOCK;
                        else
                                flags |= O_NONBLOCK;
-
+
                        if (-1 == fcntl(fd, F_SETFL, flags))
                                return -1;
                        return oldval;
 #else
                        return -1; /* not yet implemented */
 #endif
-
+
                case PHP_STREAM_OPTION_WRITE_BUFFER:

                        if (data->file == NULL) {
                                return -1;
                        }
-
+
                        if (ptrparam)
                                size = *(size_t *)ptrparam;
                        else
@@ -594,10 +594,10 @@
                        switch(value) {
                                case PHP_STREAM_BUFFER_NONE:
                                        return setvbuf(data->file, NULL, 
_IONBF, 0);
-
+
                                case PHP_STREAM_BUFFER_LINE:
                                        return setvbuf(data->file, NULL, 
_IOLBF, size);
-
+
                                case PHP_STREAM_BUFFER_FULL:
                                        return setvbuf(data->file, NULL, 
_IOFBF, size);

@@ -605,7 +605,7 @@
                                        return -1;
                        }
                        break;
-
+
                case PHP_STREAM_OPTION_LOCKING:
                        if (fd == -1) {
                                return -1;
@@ -628,7 +628,7 @@
                        {
                                php_stream_mmap_range *range = 
(php_stream_mmap_range*)ptrparam;
                                int prot, flags;
-
+
                                switch (value) {
                                        case PHP_STREAM_MMAP_SUPPORTED:
                                                return fd == -1 ? 
PHP_STREAM_OPTION_RETURN_ERR : PHP_STREAM_OPTION_RETURN_OK;
@@ -793,7 +793,7 @@
                                        return ftruncate(fd, new_size) == 0 ? 
PHP_STREAM_OPTION_RETURN_OK : PHP_STREAM_OPTION_RETURN_ERR;
                                }
                        }
-
+
                default:
                        return PHP_STREAM_OPTION_RETURN_NOTIMPL;
        }
@@ -866,7 +866,7 @@
        if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && 
php_check_open_basedir(path TSRMLS_CC)) {
                return NULL;
        }
-
+
        dir = VCWD_OPENDIR(path);

 #ifdef PHP_WIN32
@@ -884,7 +884,7 @@
                if (stream == NULL)
                        closedir(dir);
        }
-
+
        return stream;
 }
 /* }}} */
@@ -932,7 +932,7 @@
                                return ret;
                }
        }
-
+
        fd = open(realpath, open_flags, 0666);

        if (fd != -1)   {
@@ -1035,6 +1035,10 @@
                url = p + 3;
        }

+       if (php_check_open_basedir(url TSRMLS_CC)) {
+               return 0;
+       }
+
        ret = VCWD_UNLINK(url);
        if (ret == -1) {
                if (options & REPORT_ERRORS) {
@@ -1165,7 +1169,7 @@
                }

                if (p && dir_len == 1) {
-                       /* buf == "DEFAULT_SLASH" */
+                       /* buf == "DEFAULT_SLASH" */
                }
                else {
                        /* find a top level directory we need to create */
@@ -1405,7 +1409,7 @@

                return php_stream_fopen_rel(filename, mode, opened_path, 
options);
        }
-
+
 #ifdef PHP_WIN32
        if (IS_SLASH(filename[0])) {
                size_t cwd_len;
@@ -1413,17 +1417,17 @@
                cwd = virtual_getcwd_ex(&cwd_len TSRMLS_CC);
                /* getcwd() will return always return [DRIVE_LETTER]:/) on 
windows. */
                *(cwd+3) = '\0';
-
+
                if (snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename) >= 
MAXPATHLEN) {
                        php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path 
was truncated to %d", cwd, filename, MAXPATHLEN);
                }
-
+
                free(cwd);
-
+
                if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && 
php_check_open_basedir(trypath TSRMLS_CC)) {
                        return NULL;
                }
-
+
                return php_stream_fopen_rel(trypath, mode, opened_path, 
options);
        }
 #endif
@@ -1475,7 +1479,7 @@
                if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && 
php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) {
                        goto stream_skip;
                }
-
+
                stream = php_stream_fopen_rel(trypath, mode, opened_path, 
options);
                if (stream) {
                        efree(pathbuf);

Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===================================================================
--- php/php-src/trunk/main/streams/plain_wrapper.c      2011-07-31 21:47:03 UTC 
(rev 314001)
+++ php/php-src/trunk/main/streams/plain_wrapper.c      2011-07-31 22:43:21 UTC 
(rev 314002)
@@ -1035,6 +1035,10 @@
                url = p + 3;
        }

+       if (php_check_open_basedir(url TSRMLS_CC)) {
+               return 0;
+       }
+
        ret = VCWD_UNLINK(url);
        if (ret == -1) {
                if (options & REPORT_ERRORS) {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to