iliaa           Sun Oct 20 16:44:11 2002 EDT

  Modified files:              
    /php4/main  streams.c 
  Log:
  Fixed incorrect handling of files starting with a .
  
  
  
Index: php4/main/streams.c
diff -u php4/main/streams.c:1.112 php4/main/streams.c:1.113
--- php4/main/streams.c:1.112   Sat Oct 19 09:11:48 2002
+++ php4/main/streams.c Sun Oct 20 16:44:10 2002
@@ -20,7 +20,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: streams.c,v 1.112 2002/10/19 13:11:48 wez Exp $ */
+/* $Id: streams.c,v 1.113 2002/10/20 20:44:10 iliaa Exp $ */
 
 #define _GNU_SOURCE
 #include "php.h"
@@ -1518,7 +1518,16 @@
        filename_length = strlen(filename);
 
        /* Relative path open */
-       if (*filename == '.') {
+       if (*filename == '.' && (*(filename+1) == '/' || *(filename+1) == '.')) {
+               /* further checks, we could have ....... filenames */
+               ptr = filename + 1;
+               if (ptr == '.') {
+                       while (*(++ptr) == '.');
+                       if (ptr != '/') { /* not a relative path after all */
+                               goto not_relative_path;
+                       }
+               }
+
 
                if (php_check_open_basedir(filename TSRMLS_CC)) {
                        return NULL;
@@ -1534,6 +1543,8 @@
         * files in safe_mode_include_dir (or subdir) are excluded from
         * safe mode GID/UID checks
         */
+
+       not_relative_path:
 
        /* Absolute path open */
        if (IS_ABSOLUTE_PATH(filename, filename_length)) {



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to