[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2011-01-18 Thread Pierre Joye
pajoye   Tue, 18 Jan 2011 22:20:09 +

Revision: http://svn.php.net/viewvc?view=revision&revision=307563

Log:
- fix regression introduced in 5.3.4 in open_basedir on Windows/Novell with a trailing forward slash

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-01-18 19:56:09 UTC 
(rev 307562)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-01-18 22:20:09 UTC 
(rev 307563)
@@ -229,7 +229,11 @@
if (expand_filepath(local_open_basedir, resolved_basedir TSRMLS_CC) != 
NULL) {
/* Handler for basedirs that end with a / */
resolved_basedir_len = strlen(resolved_basedir);
+#if defined(PHP_WIN32) || defined(NETWARE)
+   if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR || 
basedir[strlen(basedir) - 1] == '/') {
+#else
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
+#endif
if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
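Review bot: The added Windows/NetWare condition indexes `basedir[strlen(basedir) - 1]` twice without checking that basedir is non-empty; for an empty string the index wraps and the read lands outside the buffer. Any earlier guard is outside this hunk, so that needs confirming. Hoisting the length into a local declared at the top of the block makes the check explicit and drops the repeated strlen() calls: `size_t basedir_len = strlen(basedir);` and then `if (basedir_len > 0 && (basedir[basedir_len - 1] == PHP_DIR_SEPARATOR || basedir[basedir_len - 1] == '/')) {`. The identical trunk hunk (@@ -228,7 +228,11 @@) has the same issue, and the enclosing function starts and ends outside both hunks.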

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2011-01-18 19:56:09 UTC (rev 
307562)
+++ php/php-src/trunk/main/fopen_wrappers.c 2011-01-18 22:20:09 UTC (rev 
307563)
@@ -228,7 +228,11 @@
if (expand_filepath(local_open_basedir, resolved_basedir TSRMLS_CC) != 
NULL) {
/* Handler for basedirs that end with a / */
resolved_basedir_len = strlen(resolved_basedir);
+#if defined(PHP_WIN32) || defined(NETWARE)
+   if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR || 
basedir[strlen(basedir) - 1] == '/') {
+#else
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
+#endif
if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2010-11-23 Thread Pierre Joye
pajoye   Tue, 23 Nov 2010 22:14:54 +

Revision: http://svn.php.net/viewvc?view=revision&revision=305698

Log:
- fixed #53352

Bug: http://bugs.php.net/53352 (Assigned) open_basedir does not pass through 
files with matching path
  
Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-23 21:49:18 UTC 
(rev 305697)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-23 22:14:54 UTC 
(rev 305698)
@@ -234,6 +234,9 @@
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
+   } else {
+   resolved_basedir[resolved_basedir_len++] = 
PHP_DIR_SEPARATOR;
+   resolved_basedir[resolved_basedir_len] = '\0';
}

resolved_name_len = strlen(resolved_name);
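Review bot: The new else branch appends PHP_DIR_SEPARATOR and a terminator to resolved_basedir without checking that the extra byte fits. The buffer's declaration is outside this hunk, but if it is a fixed MAXPATHLEN array filled by expand_filepath(), a resolved base directory of maximum length would have its terminator written one byte past the end. Assuming resolved_basedir is an array, a guard such as `if (resolved_basedir_len + 1 < sizeof(resolved_basedir)) {` around the append would make the bound explicit, and the existing if branch above follows the same pattern and deserves the same check. The trunk hunk (@@ -233,6 +233,9 @@) is identical.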
@@ -251,7 +254,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
if (resolved_name_len  resolved_basedir_len 
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */
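Review bot: With the else branch added earlier in this commit, resolved_basedir appears to always end in PHP_DIR_SEPARATOR by the time this comparison runs, so once strncmp() matches resolved_basedir_len bytes, `resolved_name[resolved_basedir_len - 1]` is necessarily that separator and the `return -1` branch looks unreachable. The protection against a sibling path that merely shares a prefix then rests entirely on the trailing separator being part of the compared prefix. I would either drop the dead condition or state the invariant in a comment, e.g. `/* resolved_basedir always ends with PHP_DIR_SEPARATOR here, so a prefix match implies a directory boundary */`. The case-insensitive comparison under the `#if` lies outside the hunk and should be checked for the same property; the trunk hunk (@@ -250,7 +253,7 @@) is identical.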

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2010-11-23 21:49:18 UTC (rev 
305697)
+++ php/php-src/trunk/main/fopen_wrappers.c 2010-11-23 22:14:54 UTC (rev 
305698)
@@ -233,6 +233,9 @@
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
+   } else {
+   resolved_basedir[resolved_basedir_len++] = 
PHP_DIR_SEPARATOR;
+   resolved_basedir[resolved_basedir_len] = '\0';
}

resolved_name_len = strlen(resolved_name);
@@ -250,7 +253,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
if (resolved_name_len  resolved_basedir_len 
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2010-09-28 Thread Pierre Joye
pajoye   Tue, 28 Sep 2010 13:29:33 +

Revision: http://svn.php.net/viewvc?view=revision&revision=303824

Log:
- Fixed possible flaw in open_basedir (CVE-2010-3436)

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-09-28 13:28:55 UTC 
(rev 303823)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-09-28 13:29:33 UTC 
(rev 303824)
@@ -250,8 +250,13 @@
 #else
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
-   /* File is in the right directory */
-   return 0;
+   if (resolved_name_len  resolved_basedir_len 
+   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   return -1;
+   } else {
+   /* File is in the right directory */
+   return 0;
+   }
} else {
/* /openbasedir/ and /openbasedir are the same 
directory */
if (resolved_basedir_len == (resolved_name_len + 1)  
resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {
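Review bot: The new boundary check reads `resolved_name[resolved_basedir_len]`, which is the right position only when resolved_basedir has no trailing separator. The context line at the end of this hunk tests `resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR`, so a trailing separator is possible; in that case the indexed character is the first character of the next path component, and files directly inside the allowed directory would be rejected. Restricting the test to the no-trailing-separator case, by adding `resolved_basedir[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR &&` to the condition, keeps the rejection of sibling directories that only share a prefix. A regression test covering a base directory both with and without a trailing separator would pin this down; the trunk hunk (@@ -249,8 +249,13 @@) is identical.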

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2010-09-28 13:28:55 UTC (rev 
303823)
+++ php/php-src/trunk/main/fopen_wrappers.c 2010-09-28 13:29:33 UTC (rev 
303824)
@@ -249,8 +249,13 @@
 #else
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
-   /* File is in the right directory */
-   return 0;
+   if (resolved_name_len  resolved_basedir_len 
+   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   return -1;
+   } else {
+   /* File is in the right directory */
+   return 0;
+   }
} else {
/* /openbasedir/ and /openbasedir are the same 
directory */
if (resolved_basedir_len == (resolved_name_len + 1)  
resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {
