pollita Thu Jan 9 17:29:03 2003 EDT Modified files: (Branch: PHP_4_3) /php4/ext/standard filestat.c /php4/main safe_mode.c safe_mode.h Log: MFH Index: php4/ext/standard/filestat.c diff -u php4/ext/standard/filestat.c:1.112.2.2 php4/ext/standard/filestat.c:1.112.2.3 --- php4/ext/standard/filestat.c:1.112.2.2 Tue Dec 31 11:35:27 2002 +++ php4/ext/standard/filestat.c Thu Jan 9 17:29:02 2003 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: filestat.c,v 1.112.2.2 2002/12/31 16:35:27 sebastian Exp $ */ +/* $Id: filestat.c,v 1.112.2.3 2003/01/09 22:29:02 pollita Exp $ */ #include "php.h" #include "safe_mode.h" @@ -564,7 +564,7 @@ char *stat_sb_names[13]={"dev", "ino", "mode", "nlink", "uid", "gid", "rdev", "size", "atime", "mtime", "ctime", "blksize", "blocks"}; - if (PG(safe_mode) &&(!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + if (PG(safe_mode) &&(!php_checkuid_ex(filename, NULL, +CHECKUID_CHECK_FILE_AND_DIR, IS_EXISTS_CHECK(type) ? CHECKUID_NO_ERRORS : 0))) { RETURN_FALSE; } Index: php4/main/safe_mode.c diff -u php4/main/safe_mode.c:1.51.2.1 php4/main/safe_mode.c:1.51.2.2 --- php4/main/safe_mode.c:1.51.2.1 Tue Dec 31 11:26:26 2002 +++ php4/main/safe_mode.c Thu Jan 9 17:29:02 2003 @@ -15,7 +15,7 @@ | Author: Rasmus Lerdorf <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: safe_mode.c,v 1.51.2.1 2002/12/31 16:26:26 sebastian Exp $ */ +/* $Id: safe_mode.c,v 1.51.2.2 2003/01/09 22:29:02 pollita Exp $ */ #include "php.h" @@ -44,7 +44,7 @@ * 5 - only check file */ -PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode) +PHPAPI int php_checkuid_ex(const char *filename, char *fopen_mode, int mode, int +flags) { struct stat sb; int ret, nofile=0; @@ -85,10 +85,14 @@ ret = VCWD_STAT(path, &sb); if (ret < 0) { if (mode == CHECKUID_DISALLOW_FILE_NOT_EXISTS) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to access %s", filename); + if (flags & CHECKUID_NO_ERRORS == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, +"Unable to access %s", filename); + } return 0; } else if (mode == CHECKUID_ALLOW_FILE_NOT_EXISTS) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to access %s", filename); + if (flags & CHECKUID_NO_ERRORS == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, +"Unable to access %s", filename); + } return 1; } nofile = 1; @@ -129,7 +133,9 @@ /* check directory */ ret = VCWD_STAT(path, &sb); if (ret < 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to access %s", filename); + if (flags & CHECKUID_NO_ERRORS == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to +access %s", filename); + } return 0; } duid = sb.st_uid; @@ -162,15 +168,21 @@ gid = dgid; filename = path; } - - if (PG(safe_mode_gid)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The script whose uid/gid is %ld/%ld is not allowed to access %s owned by uid/gid %ld/%ld", php_getuid(), php_getgid(), filename, uid, gid); - } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The script whose uid is %ld is not allowed to access %s owned by uid %ld", php_getuid(), filename, uid); - } + + if (flags & CHECKUID_NO_ERRORS == 0) { + if (PG(safe_mode_gid)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE +Restriction in effect. The script whose uid/gid is %ld/%ld is not allowed to access +%s owned by uid/gid %ld/%ld", php_getuid(), php_getgid(), filename, uid, gid); + } else { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE +Restriction in effect. The script whose uid is %ld is not allowed to access %s owned +by uid %ld", php_getuid(), filename, uid); + } + } + return 0; } +PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode) { + return php_checkuid_ex(filename, fopen_mode, mode, 0); +} PHPAPI char *php_get_current_user() { Index: php4/main/safe_mode.h diff -u php4/main/safe_mode.h:1.7 php4/main/safe_mode.h:1.7.10.1 --- php4/main/safe_mode.h:1.7 Fri Jul 13 14:21:21 2001 +++ php4/main/safe_mode.h Thu Jan 9 17:29:02 2003 @@ -9,7 +9,11 @@ #define CHECKUID_CHECK_MODE_PARAM 4 #define CHECKUID_ALLOW_ONLY_FILE 5 +/* flags for php_checkuid_ex() */ +#define CHECKUID_NO_ERRORS 0x01 + extern PHPAPI int php_checkuid(const char *filename, char *fopen_mode, int mode); +extern PHPAPI int php_checkuid_ex(const char *filename, char *fopen_mode, int mode, +int flags); extern PHPAPI char *php_get_current_user(void); #endif
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php