Re: [PHP-CVS] cvs: php-src /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt
Hi Dmitry, On 6/25/07, Dmitry Stogov [EMAIL PROTECTED] wrote: dmitry Mon Jun 25 08:40:37 2007 UTC Modified files: /php-src/ext/standard dir.c /php-src/ext/standard/tests/filebug41655_1.phpt Log: Better fix for bug #41655 http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.163r2=1.164diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.163 php-src/ext/standard/dir.c:1.164 --- php-src/ext/standard/dir.c:1.163Tue Jun 12 13:42:04 2007 +++ php-src/ext/standard/dir.c Mon Jun 25 08:40:36 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: dir.c,v 1.163 2007/06/12 13:42:04 scottmac Exp $ */ +/* $Id: dir.c,v 1.164 2007/06/25 08:40:36 dmitry Exp $ */ /* {{{ includes/startup/misc */ @@ -423,16 +423,15 @@ #endif if (PG(open_basedir) *PG(open_basedir)) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; - - pattern[base_len] = '\0'; - + int pattern_len = strlen(pattern); + char *basename = estrndup(pattern, pattern_len); + + php_dirname(basename, pattern_len); Why is it a better fix? In these versions (head and 5.2), we don't need to duplicate the pattern. I applied in 4.4 as dirname modifies the pattern. Cheers, --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt
dmitry Mon Jun 25 08:40:37 2007 UTC Modified files: /php-src/ext/standard dir.c /php-src/ext/standard/tests/filebug41655_1.phpt Log: Better fix for bug #41655 http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.163r2=1.164diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.163 php-src/ext/standard/dir.c:1.164 --- php-src/ext/standard/dir.c:1.163Tue Jun 12 13:42:04 2007 +++ php-src/ext/standard/dir.c Mon Jun 25 08:40:36 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: dir.c,v 1.163 2007/06/12 13:42:04 scottmac Exp $ */ +/* $Id: dir.c,v 1.164 2007/06/25 08:40:36 dmitry Exp $ */ /* {{{ includes/startup/misc */ @@ -423,16 +423,15 @@ #endif if (PG(open_basedir) *PG(open_basedir)) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; - - pattern[base_len] = '\0'; - + int pattern_len = strlen(pattern); + char *basename = estrndup(pattern, pattern_len); + + php_dirname(basename, pattern_len); if (php_check_open_basedir(pattern TSRMLS_CC)) { + efree(basename); RETURN_FALSE; } - - pattern[base_len] = pos; + efree(basename); } globbuf.gl_offs = 0; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_1.phpt?r1=1.2r2=1.3diff_format=u Index: php-src/ext/standard/tests/file/bug41655_1.phpt diff -u php-src/ext/standard/tests/file/bug41655_1.phpt:1.2 php-src/ext/standard/tests/file/bug41655_1.phpt:1.3 --- php-src/ext/standard/tests/file/bug41655_1.phpt:1.2 Fri Jun 22 12:36:55 2007 +++ php-src/ext/standard/tests/file/bug41655_1.phpt Mon Jun 25 08:40:36 2007 @@ -7,4 +7,4 @@ $a=glob(./*.jpeg); ? --EXPECTF-- -Warning: glob() [%s]: open_basedir restriction in effect. File(.) is not within the allowed path(s): (/tmp) in %s on line %d +Warning: glob(): open_basedir restriction in effect. File(.) is not within the allowed path(s): (/tmp) in %s on line %d -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-CVS] cvs: php-src /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt
/php-src/ext/standard/tests/file/bug41655_2.phpt was broken because pattern was truncated by php_dirname(). Dmitry. -Original Message- From: Pierre [mailto:[EMAIL PROTECTED] Sent: Monday, June 25, 2007 12:52 PM To: Dmitry Stogov Cc: php-cvs@lists.php.net Subject: Re: [PHP-CVS] cvs: php-src /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt Hi Dmitry, On 6/25/07, Dmitry Stogov [EMAIL PROTECTED] wrote: dmitry Mon Jun 25 08:40:37 2007 UTC Modified files: /php-src/ext/standard dir.c /php-src/ext/standard/tests/filebug41655_1.phpt Log: Better fix for bug #41655 http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.163r2=1 .164diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.163 php-src/ext/standard/dir.c:1.164 --- php-src/ext/standard/dir.c:1.163Tue Jun 12 13:42:04 2007 +++ php-src/ext/standard/dir.c Mon Jun 25 08:40:36 2007 @@ -16,7 +16,7 @@ +- -+ */ -/* $Id: dir.c,v 1.163 2007/06/12 13:42:04 scottmac Exp $ */ +/* $Id: dir.c,v 1.164 2007/06/25 08:40:36 dmitry Exp $ */ /* {{{ includes/startup/misc */ @@ -423,16 +423,15 @@ #endif if (PG(open_basedir) *PG(open_basedir)) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; - - pattern[base_len] = '\0'; - + int pattern_len = strlen(pattern); + char *basename = estrndup(pattern, pattern_len); + + php_dirname(basename, pattern_len); Why is it a better fix? In these versions (head and 5.2), we don't need to duplicate the pattern. I applied in 4.4 as dirname modifies the pattern. Cheers, --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php