[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
shm Tue, 14 Feb 2012 14:14:30 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=323213
Log:
* fixed bug #60704 unlink() bug with some files path
Reviewed by: rasmus@
Bug: https://bugs.php.net/60704 (Assigned) unlink() bug with some files path
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/trunk/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2012-02-14
13:31:23 UTC (rev 323212)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2012-02-14
14:14:30 UTC (rev 323213)
@@ -1010,9 +1010,12 @@
static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url,
int flags, php_stream_statbuf *ssb, php_stream_context *context TSRMLS_DC)
{
+ char *p;
- if (strncmp(url, file://, sizeof(file://) - 1) == 0) {
- url += sizeof(file://) - 1;
+ if ((p = strstr(url, ://)) != NULL) {
+ if (p strchr(url, '/')) {
+ url = p + 3;
+ }
}
if (PG(safe_mode) (!php_checkuid_ex(url, NULL,
CHECKUID_CHECK_FILE_AND_DIR, (flags PHP_STREAM_URL_STAT_QUIET) ?
CHECKUID_NO_ERRORS : 0))) {
@@ -1045,7 +1048,9 @@
int ret;
if ((p = strstr(url, ://)) != NULL) {
- url = p + 3;
+ if (p strchr(url, '/')) {
+ url = p + 3;
+ }
}
if (options ENFORCE_SAFE_MODE) {
@@ -1093,11 +1098,15 @@
#endif
if ((p = strstr(url_from, ://)) != NULL) {
- url_from = p + 3;
+ if (p strchr(url_from, '/')) {
+ url_from = p + 3;
+ }
}
if ((p = strstr(url_to, ://)) != NULL) {
- url_to = p + 3;
+ if (p strchr(url_to, '/')) {
+ url_to = p + 3;
+ }
}
if (PG(safe_mode) (!php_checkuid(url_from, NULL,
CHECKUID_CHECK_FILE_AND_DIR) ||
@@ -1168,7 +1177,9 @@
char *p;
if ((p = strstr(dir, ://)) != NULL) {
- dir = p + 3;
+ if (p strchr(dir, '/')) {
+ dir = p + 3;
+ }
}
if (!recursive) {
Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===
--- php/php-src/trunk/main/streams/plain_wrapper.c 2012-02-14 13:31:23 UTC
(rev 323212)
+++ php/php-src/trunk/main/streams/plain_wrapper.c 2012-02-14 14:14:30 UTC
(rev 323213)
@@ -1001,9 +1001,12 @@
static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url,
int flags, php_stream_statbuf *ssb, php_stream_context *context TSRMLS_DC)
{
+ char *p;
- if (strncmp(url, file://, sizeof(file://) - 1) == 0) {
- url += sizeof(file://) - 1;
+ if ((p = strstr(url, ://)) != NULL) {
+ if (p strchr(url, '/')) {
+ url = p + 3;
+ }
}
if (php_check_open_basedir_ex(url, (flags PHP_STREAM_URL_STAT_QUIET)
? 0 : 1 TSRMLS_CC)) {
@@ -1032,7 +1035,9 @@
int ret;
if ((p = strstr(url, ://)) != NULL) {
- url = p + 3;
+ if (p strchr(url, '/')) {
+ url = p + 3;
+ }
}
if (php_check_open_basedir(url TSRMLS_CC)) {
@@ -1074,11 +1079,15 @@
#endif
if ((p = strstr(url_from, ://)) != NULL) {
- url_from = p + 3;
+ if (p strchr(url_from, '/')) {
+ url_from = p + 3;
+ }
}
if ((p = strstr(url_to, ://)) != NULL) {
- url_to = p + 3;
+ if (p strchr(url_to, '/')) {
+ url_to = p + 3;
+ }
}
if (php_check_open_basedir(url_from TSRMLS_CC) ||
php_check_open_basedir(url_to TSRMLS_CC)) {
@@ -1144,7 +1153,9 @@
char *p;
if ((p = strstr(dir, ://)) != NULL) {
- dir = p + 3;
+ if (p strchr(dir, '/')) {
+ dir = p + 3;
+ }
}
if (!recursive) {
@@ -1273,7 +1284,9 @@
#endif
if ((p = strstr(url, ://)) != NULL) {
- url = p + 3;
+ if (p strchr(url, '/')) {
+ url = p + 3;
+ }
}
if (php_check_open_basedir(url TSRMLS_CC)) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
pajoye Thu, 20 Jan 2011 07:38:00 + Revision: http://svn.php.net/viewvc?view=revisionrevision=307619 Log: - don't continue if no valid option value Changed paths: U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c U php/php-src/trunk/main/streams/plain_wrapper.c Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c === --- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2011-01-20 07:05:34 UTC (rev 307618) +++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2011-01-20 07:38:00 UTC (rev 307619) @@ -713,6 +713,8 @@ acc = FILE_MAP_READ | FILE_MAP_WRITE; /* TODO: we should assign a name for the mapping */ break; + default: + return PHP_STREAM_OPTION_RETURN_ERR; } /* create a mapping capable of viewing the whole file (this costs no real resources) */ Modified: php/php-src/trunk/main/streams/plain_wrapper.c === --- php/php-src/trunk/main/streams/plain_wrapper.c 2011-01-20 07:05:34 UTC (rev 307618) +++ php/php-src/trunk/main/streams/plain_wrapper.c 2011-01-20 07:38:00 UTC (rev 307619) @@ -713,6 +713,8 @@ acc = FILE_MAP_READ | FILE_MAP_WRITE; /* TODO: we should assign a name for the mapping */ break; + default: + return PHP_STREAM_OPTION_RETURN_ERR; } /* create a mapping capable of viewing the whole file (this costs no real resources) */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/streams/ plain_wrapper.c
pajoye Wed, 01 Sep 2010 10:13:46 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=302969
Log:
- sb needed only in safemode
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-09-01
10:03:06 UTC (rev 302968)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-09-01
10:13:46 UTC (rev 302969)
@@ -1306,7 +1306,6 @@
char *pathbuf, *ptr, *end;
char *exec_fname;
char trypath[MAXPATHLEN];
- struct stat sb;
php_stream *stream;
int path_length;
int filename_length;
@@ -1448,6 +1447,8 @@
}
if (PG(safe_mode)) {
+ struct stat sb;
+
if (VCWD_STAT(trypath, sb) == 0) {
/* file exists ... check permission */
if ((php_check_safe_mode_include_dir(trypath
TSRMLS_CC) == 0) ||
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
pajoye Wed, 01 Sep 2010 10:16:48 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=302970
Log:
- WS
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/trunk/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-09-01
10:13:46 UTC (rev 302969)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-09-01
10:16:48 UTC (rev 302970)
@@ -1147,7 +1147,7 @@
#else
php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING,
%s, strerror(errno));
#endif
-return 0;
+ return 0;
}
/* Clear stat cache (and realpath cache) */
@@ -1229,7 +1229,7 @@
if (*p == '\0') {
*p = DEFAULT_SLASH;
if ((*(p+1) != '\0')
- (ret = VCWD_MKDIR(buf,
(mode_t)mode)) 0) {
+ (ret = VCWD_MKDIR(buf,
(mode_t)mode)) 0) {
if (options REPORT_ERRORS) {
php_error_docref(NULL
TSRMLS_CC, E_WARNING, %s, strerror(errno));
}
Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===
--- php/php-src/trunk/main/streams/plain_wrapper.c 2010-09-01 10:13:46 UTC
(rev 302969)
+++ php/php-src/trunk/main/streams/plain_wrapper.c 2010-09-01 10:16:48 UTC
(rev 302970)
@@ -1117,7 +1117,7 @@
#else
php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING,
%s, strerror(errno));
#endif
-return 0;
+ return 0;
}
/* Clear stat cache (and realpath cache) */
@@ -1199,7 +1199,7 @@
if (*p == '\0') {
*p = DEFAULT_SLASH;
if ((*(p+1) != '\0')
- (ret = VCWD_MKDIR(buf,
(mode_t)mode)) 0) {
+ (ret = VCWD_MKDIR(buf,
(mode_t)mode)) 0) {
if (options REPORT_ERRORS) {
php_error_docref(NULL
TSRMLS_CC, E_WARNING, %s, strerror(errno));
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
pajoye Sun, 21 Feb 2010 17:44:25 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=295308
Log:
- get the right error on windows
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/trunk/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-02-21
17:34:25 UTC (rev 295307)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-02-21
17:44:25 UTC (rev 295308)
@@ -866,6 +866,10 @@
dir = VCWD_OPENDIR(path);
#ifdef PHP_WIN32
+ if (!dir) {
+ php_win32_docref2_from_error(GetLastError(), path, path
TSRMLS_CC);
+ }
+
if (dir dir-finished) {
closedir(dir);
dir = NULL;
Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===
--- php/php-src/trunk/main/streams/plain_wrapper.c 2010-02-21 17:34:25 UTC
(rev 295307)
+++ php/php-src/trunk/main/streams/plain_wrapper.c 2010-02-21 17:44:25 UTC
(rev 295308)
@@ -863,6 +863,10 @@
dir = VCWD_OPENDIR(path);
#ifdef PHP_WIN32
+ if (!dir) {
+ php_win32_docref2_from_error(GetLastError(), path, path
TSRMLS_CC);
+ }
+
if (dir dir-finished) {
closedir(dir);
dir = NULL;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
pajoye Wed, 27 Jan 2010 01:18:43 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=294069
Log:
- prevent bad things to happen when invalid path are passed to MoveFileEx
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/trunk/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-01-27
00:59:33 UTC (rev 294068)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-01-27
01:18:43 UTC (rev 294069)
@@ -38,6 +38,10 @@
#endif
#include SAPI.h
+#ifdef PHP_WIN32
+# include ext/standard/php_string.h
+#endif
+
#include php_streams_int.h
#define php_stream_fopen_from_fd_int(fd, mode, persistent_id)
_php_stream_fopen_from_fd_int((fd), (mode), (persistent_id) STREAMS_CC
TSRMLS_CC)
@@ -1060,6 +1064,28 @@
return 0;
}
+#ifdef PHP_WIN32
+ /* Prevent bad things to happen when passing ' ' to MoveFileEx */
+ {
+ int url_from_len = strlen(url_from);
+ int url_to_len = strlen(url_to);
+ char *trimed = php_trim(url_from, url_from_len, NULL, 0, NULL,
1 TSRMLS_CC);
+ int trimed_len = strlen(trimed);
+
+ if (trimed_len == 0 || trimed_len != url_from_len) {
+ php_win32_docref2_from_error(ERROR_INVALID_NAME,
url_from, url_to TSRMLS_CC);
+ return 0;
+ }
+
+ trimed = php_trim(url_to, url_to_len, NULL, 0, NULL, 1
TSRMLS_CC);
+ trimed_len = strlen(trimed);
+ if (trimed_len == 0 || trimed_len != url_to_len) {
+ php_win32_docref2_from_error(ERROR_INVALID_NAME,
url_from, url_to TSRMLS_CC);
+ return 0;
+ }
+ }
+#endif
+
if ((p = strstr(url_from, ://)) != NULL) {
url_from = p + 3;
}
@@ -1076,7 +1102,7 @@
if (php_check_open_basedir(url_from TSRMLS_CC) ||
php_check_open_basedir(url_to TSRMLS_CC)) {
return 0;
}
-
+__debugbreak();
ret = VCWD_RENAME(url_from, url_to);
if (ret == -1) {
Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===
--- php/php-src/trunk/main/streams/plain_wrapper.c 2010-01-27 00:59:33 UTC
(rev 294068)
+++ php/php-src/trunk/main/streams/plain_wrapper.c 2010-01-27 01:18:43 UTC
(rev 294069)
@@ -1042,6 +1042,28 @@
return 0;
}
+#ifdef PHP_WIN32
+ /* Prevent bad things to happen when passing ' ' to MoveFileEx */
+ {
+ int url_from_len = strlen(url_from);
+ int url_to_len = strlen(url_to);
+ char *trimed = php_trim(url_from, url_from_len, NULL, 0, NULL,
1 TSRMLS_CC);
+ int trimed_len = strlen(trimed);
+
+ if (trimed_len == 0 || trimed_len != url_from_len) {
+ php_win32_docref2_from_error(ERROR_INVALID_NAME,
url_from, url_to TSRMLS_CC);
+ return 0;
+ }
+
+ trimed = php_trim(url_to, url_to_len, NULL, 0, NULL, 1
TSRMLS_CC);
+ trimed_len = strlen(trimed);
+ if (trimed_len == 0 || trimed_len != url_to_len) {
+ php_win32_docref2_from_error(ERROR_INVALID_NAME,
url_from, url_to TSRMLS_CC);
+ return 0;
+ }
+ }
+#endif
+
if ((p = strstr(url_from, ://)) != NULL) {
url_from = p + 3;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/streams/plain_wrapper.c trunk/main/streams/plain_wrapper.c
pajoye Wed, 27 Jan 2010 02:03:41 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=294070
Log:
- removed debug breakpoint and improve inline comment
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/trunk/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-01-27
01:18:43 UTC (rev 294069)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2010-01-27
02:03:41 UTC (rev 294070)
@@ -1065,7 +1065,7 @@
}
#ifdef PHP_WIN32
- /* Prevent bad things to happen when passing ' ' to MoveFileEx */
+ /* Prevent bad things to happen when invalid path are used with
MoveFileEx */
{
int url_from_len = strlen(url_from);
int url_to_len = strlen(url_to);
@@ -1102,7 +1102,7 @@
if (php_check_open_basedir(url_from TSRMLS_CC) ||
php_check_open_basedir(url_to TSRMLS_CC)) {
return 0;
}
-__debugbreak();
+
ret = VCWD_RENAME(url_from, url_to);
if (ret == -1) {
Modified: php/php-src/trunk/main/streams/plain_wrapper.c
===
--- php/php-src/trunk/main/streams/plain_wrapper.c 2010-01-27 01:18:43 UTC
(rev 294069)
+++ php/php-src/trunk/main/streams/plain_wrapper.c 2010-01-27 02:03:41 UTC
(rev 294070)
@@ -1043,7 +1043,7 @@
}
#ifdef PHP_WIN32
- /* Prevent bad things to happen when passing ' ' to MoveFileEx */
+ /* Prevent bad things to happen when invalid path are used with
MoveFileEx */
{
int url_from_len = strlen(url_from);
int url_to_len = strlen(url_to);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/ PHP_5_3/main/streams/plain_wrapper.c PHP_5_3_1/NEWS PHP_5_3_1/main/streams/plain_wrapper.c
johannes Thu, 12 Nov 2009 15:05:03 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=290578
Log:
Fix #50063 (safe_mode_include_dir fails)
Bug: http://bugs.php.net/50063 (Open) safe_mode_include_dir fails
Changed paths:
U php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
U php/php-src/branches/PHP_5_3_1/NEWS
U php/php-src/branches/PHP_5_3_1/main/streams/plain_wrapper.c
Modified: php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2009-11-12
14:28:14 UTC (rev 290577)
+++ php/php-src/branches/PHP_5_3/main/streams/plain_wrapper.c 2009-11-12
15:05:03 UTC (rev 290578)
@@ -988,6 +988,10 @@
return NULL;
}
+ if ((php_check_safe_mode_include_dir(path TSRMLS_CC)) == 0) {
+ return php_stream_fopen_rel(path, mode, opened_path, options);
+ }
+
if ((options ENFORCE_SAFE_MODE) PG(safe_mode)
(!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM)))
return NULL;
Modified: php/php-src/branches/PHP_5_3_1/NEWS
===
--- php/php-src/branches/PHP_5_3_1/NEWS 2009-11-12 14:28:14 UTC (rev 290577)
+++ php/php-src/branches/PHP_5_3_1/NEWS 2009-11-12 15:05:03 UTC (rev 290578)
@@ -1,8 +1,9 @@
PHPNEWS
|||
?? ??? 2009, PHP 5.3.1 RC4
+- Fixed bug #50063 (safe_mode_include_dir fails). (Johannes, christian at
+ elmerot dot se)
-
03 Nov 2009, PHP 5.3.1 RC3
- Added max_file_uploads INI directive, which can be set to limit the
number of file uploads per-request to 100 by default, to prevent possible
@@ -10,7 +11,7 @@
- Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
-- Fuxed bug #50052 (Different Hashes on Windows and Linux on wrong Salt size).
+- Fixed bug #50052 (Different Hashes on Windows and Linux on wrong Salt size).
(Pierre)
- Fixed bug #49908 (throwing exception in __autoload crashes when interface
is not defined). (Felipe)
Modified: php/php-src/branches/PHP_5_3_1/main/streams/plain_wrapper.c
===
--- php/php-src/branches/PHP_5_3_1/main/streams/plain_wrapper.c 2009-11-12
14:28:14 UTC (rev 290577)
+++ php/php-src/branches/PHP_5_3_1/main/streams/plain_wrapper.c 2009-11-12
15:05:03 UTC (rev 290578)
@@ -988,6 +988,10 @@
return NULL;
}
+ if ((php_check_safe_mode_include_dir(path TSRMLS_CC)) == 0) {
+ return php_stream_fopen_rel(path, mode, opened_path, options);
+ }
+
if ((options ENFORCE_SAFE_MODE) PG(safe_mode)
(!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM)))
return NULL;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
