[PHP-CVS] svn: /php/php-src/branches/PHP_5_2/ NEWS main/fopen_wrappers.c

2010-12-10 Thread Ilia Alshanetsky 
iliaaFri, 10 Dec 2010 12:50:25 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=306184

Log:
Fixed bug #53516 (Regression in open_basedir handling).

Bug: http://bugs.php.net/53516 (Open) open_basedir BUG introduced in PHP 5.2.15
  
Changed paths:
U   php/php-src/branches/PHP_5_2/NEWS
U   php/php-src/branches/PHP_5_2/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_2/NEWS
===
--- php/php-src/branches/PHP_5_2/NEWS   2010-12-10 11:52:13 UTC (rev 306183)
+++ php/php-src/branches/PHP_5_2/NEWS   2010-12-10 12:50:25 UTC (rev 306184)
@@ -1,6 +1,7 @@
 PHP
NEWS
 |||
 ?? ??? , PHP 5.2.16
+- Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

 09 Dec 2010, PHP 5.2.15
 - Fixed extract() to do not overwrite $GLOBALS and $this when using

Modified: php/php-src/branches/PHP_5_2/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10 11:52:13 UTC 
(rev 306183)
+++ php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10 12:50:25 UTC 
(rev 306184)
@@ -192,7 +192,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
if (resolved_name_len  resolved_basedir_len 
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_2/ NEWS main/fopen_wrappers.c

2010-12-10 Thread Christopher Jones 


Is there a test for this?

Chris

On 12/10/2010 04:50 AM, Ilia Alshanetsky wrote:

iliaaFri, 10 Dec 2010 12:50:25 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=306184

Log:
Fixed bug #53516 (Regression in open_basedir handling).

Bug: http://bugs.php.net/53516 (Open) open_basedir BUG introduced in PHP 5.2.15

Changed paths:
 U   php/php-src/branches/PHP_5_2/NEWS
 U   php/php-src/branches/PHP_5_2/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_2/NEWS
===
--- php/php-src/branches/PHP_5_2/NEWS   2010-12-10 11:52:13 UTC (rev 306183)
+++ php/php-src/branches/PHP_5_2/NEWS   2010-12-10 12:50:25 UTC (rev 306184)
@@ -1,6 +1,7 @@
  PHP
NEWS
  
|||
  ?? ??? , PHP 5.2.16
+- Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

  09 Dec 2010, PHP 5.2.15
  - Fixed extract() to do not overwrite $GLOBALS and $this when using

Modified: php/php-src/branches/PHP_5_2/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10 11:52:13 UTC 
(rev 306183)
+++ php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10 12:50:25 UTC 
(rev 306184)
@@ -192,7 +192,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
  #endif
if (resolved_name_len  resolved_basedir_len
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */




--
Email: christopher.jo...@oracle.com
Tel:  +1 650 506 8630
Blog:  http://blogs.oracle.com/opal/

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_2/ NEWS main/fopen_wrappers.c

2010-12-10 Thread Ilia Alshanetsky 
Going to see if we can add one.

On Fri, Dec 10, 2010 at 4:33 PM, Christopher Jones
christopher.jo...@oracle.com wrote:

 Is there a test for this?

 Chris

 On 12/10/2010 04:50 AM, Ilia Alshanetsky wrote:

 iliaa                                    Fri, 10 Dec 2010 12:50:25 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=306184

 Log:
 Fixed bug #53516 (Regression in open_basedir handling).

 Bug: http://bugs.php.net/53516 (Open) open_basedir BUG introduced in PHP
 5.2.15

 Changed paths:
     U   php/php-src/branches/PHP_5_2/NEWS
     U   php/php-src/branches/PHP_5_2/main/fopen_wrappers.c

 Modified: php/php-src/branches/PHP_5_2/NEWS
 ===
 --- php/php-src/branches/PHP_5_2/NEWS   2010-12-10 11:52:13 UTC (rev
 306183)
 +++ php/php-src/branches/PHP_5_2/NEWS   2010-12-10 12:50:25 UTC (rev
 306184)
 @@ -1,6 +1,7 @@
  PHP
    NEWS

  |||
  ?? ??? , PHP 5.2.16
 +- Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

  09 Dec 2010, PHP 5.2.15
  - Fixed extract() to do not overwrite $GLOBALS and $this when using

 Modified: php/php-src/branches/PHP_5_2/main/fopen_wrappers.c
 ===
 --- php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10
 11:52:13 UTC (rev 306183)
 +++ php/php-src/branches/PHP_5_2/main/fopen_wrappers.c  2010-12-10
 12:50:25 UTC (rev 306184)
 @@ -192,7 +192,7 @@
                if (strncmp(resolved_basedir, resolved_name,
 resolved_basedir_len) == 0) {
  #endif
                        if (resolved_name_len  resolved_basedir_len
 -                               resolved_name[resolved_basedir_len] !=
 PHP_DIR_SEPARATOR) {
 +                               resolved_name[resolved_basedir_len - 1] !=
 PHP_DIR_SEPARATOR) {
                                return -1;
                        } else {
                                /* File is in the right directory */



 --
 Email: christopher.jo...@oracle.com
 Tel:  +1 650 506 8630
 Blog:  http://blogs.oracle.com/opal/


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php