[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/ fopen_wrappers.c

2011-08-09 Thread Xinchen Hui
laruence Tue, 09 Aug 2011 13:04:35 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=314645

Log:
Fixed build (missing 2nd arg for strncpy)

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-08-09 12:34:15 UTC 
(rev 314644)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-08-09 13:04:35 UTC 
(rev 314645)
@@ -473,7 +473,7 @@
if (IS_SLASH(path_info[0])) {
length--;
}
-   strncpy(filename + length, path_len + 1);
+   strncpy(filename + length, path_info, path_len + 1);
}
} else {
filename = SG(request_info).path_translated;
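Review bot: The count passed to `strncpy` on the added line is `path_len + 1`, a value derived from the source string, so the call does nothing to limit the write to the space available in `filename`. The allocation of `filename` is outside this hunk and needs to provide at least `length + path_len + 1` bytes for this to be safe. If `path_len` is the length of `path_info` (not visible here), `memcpy(filename + length, path_info, path_len + 1);` expresses the same copy without implying a destination bound. The enclosing function starts and ends outside the hunk.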


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2011-01-18 Thread Pierre Joye
pajoye   Tue, 18 Jan 2011 22:20:09 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=307563

Log:
- fix regression introduced in 5.3.4 in open_basedir on windows/novell with 
trailing fwd slash

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-01-18 19:56:09 UTC 
(rev 307562)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2011-01-18 22:20:09 UTC 
(rev 307563)
@@ -229,7 +229,11 @@
if (expand_filepath(local_open_basedir, resolved_basedir TSRMLS_CC) != 
NULL) {
/* Handler for basedirs that end with a / */
resolved_basedir_len = strlen(resolved_basedir);
+#if defined(PHP_WIN32) || defined(NETWARE)
+   if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR || 
basedir[strlen(basedir) - 1] == '/') {
+#else
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
+#endif
if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
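Review bot: Both branches of the added `#if` index `basedir[strlen(basedir) - 1]`, which reads one byte before the buffer when `basedir` is an empty string; nothing in the hunk rules that out. Opening the `if (` once per preprocessor branch while sharing a single closing brace is also fragile. Taking the length once, checking it is non-zero, and testing `last == PHP_DIR_SEPARATOR` with the extra `|| last == '/'` under the platform guard would keep a single `if`. The identical trunk hunk has the same issue, and the enclosing function starts and ends outside the hunk.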

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2011-01-18 19:56:09 UTC (rev 
307562)
+++ php/php-src/trunk/main/fopen_wrappers.c 2011-01-18 22:20:09 UTC (rev 
307563)
@@ -228,7 +228,11 @@
if (expand_filepath(local_open_basedir, resolved_basedir TSRMLS_CC) != 
NULL) {
/* Handler for basedirs that end with a / */
resolved_basedir_len = strlen(resolved_basedir);
+#if defined(PHP_WIN32) || defined(NETWARE)
+   if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR || 
basedir[strlen(basedir) - 1] == '/') {
+#else
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
+#endif
if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2010-11-23 Thread Pierre Joye
pajoye   Tue, 23 Nov 2010 22:14:54 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=305698

Log:
- fixed #53352

Bug: http://bugs.php.net/53352 (Assigned) open_basedir does not pass through 
files with matching path
  
Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-23 21:49:18 UTC 
(rev 305697)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-23 22:14:54 UTC 
(rev 305698)
@@ -234,6 +234,9 @@
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
+   } else {
+   resolved_basedir[resolved_basedir_len++] = 
PHP_DIR_SEPARATOR;
+   resolved_basedir[resolved_basedir_len] = '\0';
}

resolved_name_len = strlen(resolved_name);
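Review bot: The added `else` branch stores a separator at `resolved_basedir[resolved_basedir_len]` and a terminator one byte further without checking that both still fit in the buffer. The declaration of `resolved_basedir` is outside the hunk; assuming it is a fixed `MAXPATHLEN` array, a guard such as `if (resolved_basedir_len + 1 >= MAXPATHLEN) return -1;` before the write would fail closed on an over-long base directory. The branch also appends unconditionally, so a resolved path that already ends in `PHP_DIR_SEPARATOR` would get a doubled separator and stop matching. The identical trunk hunk has the same issue.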
@@ -251,7 +254,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
if (resolved_name_len  resolved_basedir_len 
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */
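Review bot: With the index changed to `resolved_basedir_len - 1`, the separator test appears unable to fail, because the `strncmp` just above has already matched that byte against `resolved_basedir`, which after the first hunk ends in `PHP_DIR_SEPARATOR` on the visible paths. Protection against a sibling directory that merely shares the prefix therefore rests entirely on the trailing separator always being appended. I would either drop the dead condition or add a comment such as `/* resolved_basedir always ends in a separator here, so a prefix match cannot stop mid-component */`. The same applies to the identical trunk hunk.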

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2010-11-23 21:49:18 UTC (rev 
305697)
+++ php/php-src/trunk/main/fopen_wrappers.c 2010-11-23 22:14:54 UTC (rev 
305698)
@@ -233,6 +233,9 @@
resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
+   } else {
+   resolved_basedir[resolved_basedir_len++] = 
PHP_DIR_SEPARATOR;
+   resolved_basedir[resolved_basedir_len] = '\0';
}

resolved_name_len = strlen(resolved_name);
@@ -250,7 +253,7 @@
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
if (resolved_name_len  resolved_basedir_len 
-   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   resolved_name[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
return -1;
} else {
/* File is in the right directory */


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c trunk/main/fopen_wrappers.c

2010-09-28 Thread Pierre Joye
pajoye   Tue, 28 Sep 2010 13:29:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=303824

Log:
- Fixed possible flaw in open_basedir (CVE-2010-3436)

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/trunk/main/fopen_wrappers.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-09-28 13:28:55 UTC 
(rev 303823)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-09-28 13:29:33 UTC 
(rev 303824)
@@ -250,8 +250,13 @@
 #else
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
-   /* File is in the right directory */
-   return 0;
+   if (resolved_name_len  resolved_basedir_len 
+   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   return -1;
+   } else {
+   /* File is in the right directory */
+   return 0;
+   }
} else {
/* /openbasedir/ and /openbasedir are the same 
directory */
if (resolved_basedir_len == (resolved_name_len + 1)  
resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {
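Review bot: The added test reads `resolved_name[resolved_basedir_len]`, which is the component boundary only when `resolved_basedir` has no trailing separator. The lower branch of this hunk checks `resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR`, so the trailing-separator form does occur, and then the byte examined is the first character of the file name and a file directly inside the base directory is rejected. Qualifying the test with `resolved_basedir[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR &&` would avoid that. A short comment stating the purpose (a prefix match must end on a path-component boundary, so `/base` does not admit `/base2`) would help the next reader. The identical trunk hunk has the same issue.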

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
--- php/php-src/trunk/main/fopen_wrappers.c 2010-09-28 13:28:55 UTC (rev 
303823)
+++ php/php-src/trunk/main/fopen_wrappers.c 2010-09-28 13:29:33 UTC (rev 
303824)
@@ -249,8 +249,13 @@
 #else
if (strncmp(resolved_basedir, resolved_name, 
resolved_basedir_len) == 0) {
 #endif
-   /* File is in the right directory */
-   return 0;
+   if (resolved_name_len  resolved_basedir_len 
+   resolved_name[resolved_basedir_len] != 
PHP_DIR_SEPARATOR) {
+   return -1;
+   } else {
+   /* File is in the right directory */
+   return 0;
+   }
} else {
/* /openbasedir/ and /openbasedir are the same 
directory */
if (resolved_basedir_len == (resolved_name_len + 1)  
resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {


[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/fopen_wrappers.c branches/PHP_5_3/sapi/cgi/cgi_main.c trunk/main/fopen_wrappers.c trunk/sapi/cgi/cgi_main.c

2009-09-10 Thread Jani Taskinen
jani Thu, 10 Sep 2009 16:19:42 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=288246

Log:
- Simplified a bit and fixed possible memory corruption and definite leak.

Changed paths:
U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
U   php/php-src/branches/PHP_5_3/sapi/cgi/cgi_main.c
U   php/php-src/trunk/main/fopen_wrappers.c
U   php/php-src/trunk/sapi/cgi/cgi_main.c

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2009-09-10 15:05:49 UTC 
(rev 288245)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2009-09-10 16:19:42 UTC 
(rev 288246)
@@ -485,6 +485,7 @@

file_handle-opened_path = expand_filepath(filename, NULL TSRMLS_CC);

+   STR_FREE(SG(request_info).path_translated); /* for same reason as 
above */
SG(request_info).path_translated = filename;

file_handle-filename = SG(request_info).path_translated;
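Review bot: The added `STR_FREE(SG(request_info).path_translated)` is followed immediately by storing `filename` into the same field, so if `filename` can still be that same pointer on some path the field ends up holding freed memory. The hunk does not show how `filename` is set, but another revision of this file on the page has `filename = SG(request_info).path_translated;` in an `else` branch. Guarding the free with `if (SG(request_info).path_translated != filename)` would make it safe either way. The comment "for same reason as above" refers to code outside the hunk; stating the reason inline would be clearer.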

Modified: php/php-src/branches/PHP_5_3/sapi/cgi/cgi_main.c
===
--- php/php-src/branches/PHP_5_3/sapi/cgi/cgi_main.c2009-09-10 15:05:49 UTC 
(rev 288245)
+++ php/php-src/branches/PHP_5_3/sapi/cgi/cgi_main.c2009-09-10 16:19:42 UTC 
(rev 288246)
@@ -1280,9 +1280,6 @@
if (pt) {
efree(pt);
}
-   if (is_valid_path(script_path_translated)) {
-   SG(request_info).path_translated = 
estrdup(script_path_translated);
-   }
} else {
/* make sure path_info/translated are empty */
if (!orig_script_filename ||
@@ -1311,9 +1308,6 @@
} else {
SG(request_info).request_uri = 
env_script_name;
}
-   if (is_valid_path(script_path_translated)) {
-   SG(request_info).path_translated = 
estrdup(script_path_translated);
-   }
free(real_path);
}
} else {
@@ -1326,11 +1320,12 @@
if (!CGIG(discard_path)  env_path_translated) {
script_path_translated = env_path_translated;
}
-   if (is_valid_path(script_path_translated)) {
-   SG(request_info).path_translated = 
estrdup(script_path_translated);
-   }
}

+   if (is_valid_path(script_path_translated)) {
+   SG(request_info).path_translated = 
estrdup(script_path_translated);
+   }
+
SG(request_info).request_method = 
sapi_cgibin_getenv(REQUEST_METHOD, sizeof(REQUEST_METHOD)-1 TSRMLS_CC);
/* FIXME - Work out proto_num here */
SG(request_info).query_string = 
sapi_cgibin_getenv(QUERY_STRING, sizeof(QUERY_STRING)-1 TSRMLS_CC);
@@ -2131,26 +2126,14 @@

 fastcgi_request_done:
{
-   char *path_translated;
+   STR_FREE(SG(request_info).path_translated);

-   /* Go through this trouble so that the memory 
manager doesn't warn
-* about SG(request_info).path_translated 
leaking
-*/
-   if (SG(request_info).path_translated) {
-   path_translated = 
strdup(SG(request_info).path_translated);
-   
STR_FREE(SG(request_info).path_translated);
-   SG(request_info).path_translated = 
path_translated;
-   }
-
php_request_shutdown((void *) 0);
+
if (exit_status == 0) {
exit_status = EG(exit_status);
}

-   if (SG(request_info).path_translated) {
-   free(SG(request_info).path_translated);
-   SG(request_info).path_translated = NULL;
-   }
if (free_query_string  
SG(request_info).query_string) {
free(SG(request_info).query_string);
SG(request_info).query_string = NULL;
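Review bot: `STR_FREE(SG(request_info).path_translated)` now runs before `php_request_shutdown()`, and the removed lines that reset the field to `NULL` are gone. The definition of `STR_FREE` is not in this hunk; unless it clears its argument, the field keeps a freed address through shutdown and into the next FastCGI request. Adding `SG(request_info).path_translated = NULL;` directly after the `STR_FREE` line would restore the old guarantee. It is also worth confirming that nothing reached from request shutdown reads or frees `path_translated` again.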

Modified: php/php-src/trunk/main/fopen_wrappers.c
===
---