iliaa Sun Oct 27 19:28:11 2002 EDT Modified files: /php4/main streams.c Log: Fixed bug #20110. Index: php4/main/streams.c diff -u php4/main/streams.c:1.119 php4/main/streams.c:1.120 --- php4/main/streams.c:1.119 Sun Oct 27 18:34:48 2002 +++ php4/main/streams.c Sun Oct 27 19:28:11 2002 @@ -20,7 +20,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: streams.c,v 1.119 2002/10/27 23:34:48 shane Exp $ */ +/* $Id: streams.c,v 1.120 2002/10/28 00:28:11 iliaa Exp $ */ #define _GNU_SOURCE #include "php.h" @@ -1644,13 +1644,20 @@ { FILE *fp; char *realpath = NULL; + struct stat st; + php_stream *ret; realpath = expand_filepath(filename, NULL TSRMLS_CC); fp = fopen(realpath, mode); if (fp) { - php_stream *ret = php_stream_fopen_from_file_rel(fp, mode); + /* this is done to prevent opening of anything other then regular +files */ + if (fstat(fileno(fp), &st) == -1 || !S_ISREG(st.st_mode)) { + goto err; + } + + ret = php_stream_fopen_from_file_rel(fp, mode); if (ret) { if (opened_path) { @@ -1662,7 +1669,7 @@ return ret; } - + err: fclose(fp); } efree(realpath);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php