sniper Thu Nov 3 15:20:14 2005 EDT Modified files: (Branch: PHP_4_4) /php-src/ext/gd gd.c gd_ctx.c php_gd.h Log: MFH: added missing safe-mode checks http://cvs.php.net/diff.php/php-src/ext/gd/gd.c?r1=1.221.2.56.2.2&r2=1.221.2.56.2.3&ty=u Index: php-src/ext/gd/gd.c diff -u php-src/ext/gd/gd.c:1.221.2.56.2.2 php-src/ext/gd/gd.c:1.221.2.56.2.3 --- php-src/ext/gd/gd.c:1.221.2.56.2.2 Thu Oct 27 06:29:31 2005 +++ php-src/ext/gd/gd.c Thu Nov 3 15:20:04 2005 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: gd.c,v 1.221.2.56.2.2 2005/10/27 10:29:31 tony2001 Exp $ */ +/* $Id: gd.c,v 1.221.2.56.2.3 2005/11/03 20:20:04 sniper Exp $ */ /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, Cold Spring Harbor Labs. */ @@ -623,7 +623,7 @@ convert_to_string_ex(file); - stream = php_stream_open_wrapper(Z_STRVAL_PP(file), "rb", IGNORE_PATH | IGNORE_URL_WIN | REPORT_ERRORS, NULL); + stream = php_stream_open_wrapper(Z_STRVAL_PP(file), "rb", ENFORCE_SAFE_MODE | IGNORE_PATH | IGNORE_URL_WIN | REPORT_ERRORS, NULL); if (stream == NULL) { RETURN_FALSE; } @@ -1440,7 +1440,7 @@ fn = Z_STRVAL_PP(file); - stream = php_stream_open_wrapper(fn, "rb", REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL); + stream = php_stream_open_wrapper(fn, "rb", ENFORCE_SAFE_MODE|REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL); if (stream == NULL) { RETURN_FALSE; } @@ -1648,10 +1648,7 @@ } if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) { - if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn); - RETURN_FALSE; - } + PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); fp = VCWD_FOPEN(fn, "wb"); if (!fp) { @@ -3746,16 +3743,10 @@ } /* Check origin file */ - if (!fn_org || fn_org == empty_string || php_check_open_basedir(fn_org TSRMLS_CC)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid origin filename '%s'", fn_org); - RETURN_FALSE; - } + PHP_GD_CHECK_OPEN_BASEDIR(fn_org, "Invalid origin filename"); /* Check destination file */ - if (!fn_dest || fn_dest == empty_string || php_check_open_basedir(fn_dest TSRMLS_CC)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid destination filename '%s'", fn_dest); - RETURN_FALSE; - } + PHP_GD_CHECK_OPEN_BASEDIR(fn_dest, "Invalid destination filename"); /* Open origin file */ org = VCWD_FOPEN(fn_org, "rb"); http://cvs.php.net/diff.php/php-src/ext/gd/gd_ctx.c?r1=1.15.2.2.4.1&r2=1.15.2.2.4.2&ty=u Index: php-src/ext/gd/gd_ctx.c diff -u php-src/ext/gd/gd_ctx.c:1.15.2.2.4.1 php-src/ext/gd/gd_ctx.c:1.15.2.2.4.2 --- php-src/ext/gd/gd_ctx.c:1.15.2.2.4.1 Thu Oct 6 16:44:52 2005 +++ php-src/ext/gd/gd_ctx.c Thu Nov 3 15:20:10 2005 @@ -73,10 +73,7 @@ } if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) { - if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn); - RETURN_FALSE; - } + PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); fp = VCWD_FOPEN(fn, "wb"); if (!fp) { http://cvs.php.net/diff.php/php-src/ext/gd/php_gd.h?r1=1.44.2.5&r2=1.44.2.5.8.1&ty=u Index: php-src/ext/gd/php_gd.h diff -u php-src/ext/gd/php_gd.h:1.44.2.5 php-src/ext/gd/php_gd.h:1.44.2.5.8.1 --- php-src/ext/gd/php_gd.h:1.44.2.5 Mon Mar 31 03:49:30 2003 +++ php-src/ext/gd/php_gd.h Thu Nov 3 15:20:10 2005 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_gd.h,v 1.44.2.5 2003/03/31 08:49:30 sniper Exp $ */ +/* $Id: php_gd.h,v 1.44.2.5.8.1 2005/11/03 20:20:10 sniper Exp $ */ #ifndef PHP_GD_H #define PHP_GD_H @@ -30,6 +30,15 @@ #if HAVE_LIBGD +/* open_basedir and safe_mode checks */ +#define PHP_GD_CHECK_OPEN_BASEDIR(filename, errormsg) \ + if (!filename || filename == empty_string || php_check_open_basedir(filename TSRMLS_CC) || \ + (PG(safe_mode) && !php_checkuid(filename, "rb+", CHECKUID_CHECK_FILE_AND_DIR)) \ + ) { \ + php_error_docref(NULL TSRMLS_CC, E_WARNING, errormsg); \ + RETURN_FALSE; \ + } + #define PHP_GDIMG_TYPE_GIF 1 #define PHP_GDIMG_TYPE_PNG 2 #define PHP_GDIMG_TYPE_JPG 3
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php