[PHP-CVS] cvs: php4(PHP_4_3) /main fopen_wrappers.c streams.c

Sun, 23 Feb 2003 14:02:58 -0800 

rasmus          Sun Feb 23 17:03:55 2003 EDT

  Modified files:              (Branch: PHP_4_3)
    /php4/main  fopen_wrappers.c streams.c 
  Log:
  open_basedir fixes from David Saez
  
  
Index: php4/main/fopen_wrappers.c
diff -u php4/main/fopen_wrappers.c:1.153.2.2 php4/main/fopen_wrappers.c:1.153.2.3
--- php4/main/fopen_wrappers.c:1.153.2.2        Tue Dec 31 11:25:01 2002
+++ php4/main/fopen_wrappers.c  Sun Feb 23 17:03:54 2003
@@ -16,7 +16,7 @@
    |          Jim Winstead <[EMAIL PROTECTED]>                                 |
    +----------------------------------------------------------------------+
  */
-/* $Id: fopen_wrappers.c,v 1.153.2.2 2002/12/31 16:25:01 sebastian Exp $ */
+/* $Id: fopen_wrappers.c,v 1.153.2.3 2003/02/23 22:03:54 rasmus Exp $ */
 
 /* {{{ includes
  */
@@ -192,7 +192,7 @@
                        ptr = end;
                }
                php_error_docref(NULL TSRMLS_CC, E_WARNING, 
-                       "open_basedir restriction in effect. File(%s) is not within 
the allowed path(s): (%s)", path, pathbuf);
+                       "open_basedir restriction in effect. File(%s) is not within 
the allowed path(s): (%s)", path, PG(open_basedir));
                efree(pathbuf);
                errno = EPERM; /* we deny permission to open it */
                return -1;
Index: php4/main/streams.c
diff -u php4/main/streams.c:1.125.2.33 php4/main/streams.c:1.125.2.34
--- php4/main/streams.c:1.125.2.33      Fri Feb 21 21:43:58 2003
+++ php4/main/streams.c Sun Feb 23 17:03:54 2003
@@ -20,7 +20,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: streams.c,v 1.125.2.33 2003/02/22 02:43:58 wez Exp $ */
+/* $Id: streams.c,v 1.125.2.34 2003/02/23 22:03:54 rasmus Exp $ */
 
 #define _GNU_SOURCE
 #include "php.h"
@@ -1763,6 +1763,12 @@
                        end++;
                }
                snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
+
+               /* If file does not exist continue */
+               if (VCWD_STAT(trypath, &sb) != 0) {
+                       ptr = end;
+                       continue;
+               }
                
                if (php_check_open_basedir(trypath TSRMLS_CC)) {
                        stream = NULL;
@@ -1770,17 +1776,15 @@
                }
                
                if (PG(safe_mode)) {
-                       if (VCWD_STAT(trypath, &sb) == 0) {
-                               /* file exists ... check permission */
-                               if ((php_check_safe_mode_include_dir(trypath 
TSRMLS_CC) == 0) ||
-                                               php_checkuid(trypath, mode, 
CHECKUID_CHECK_MODE_PARAM)) {
-                                       /* UID ok, or trypath is in 
safe_mode_include_dir */
-                                       stream = php_stream_fopen_rel(trypath, mode, 
opened_path, options);
-                               } else {
-                                       stream = NULL;
-                               }
-                               goto stream_done;
+                       /* file exists ... check permission */
+                       if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) 
||
+                                       php_checkuid(trypath, mode, 
CHECKUID_CHECK_MODE_PARAM)) {
+                               /* UID ok, or trypath is in safe_mode_include_dir */
+                               stream = php_stream_fopen_rel(trypath, mode, 
opened_path, options);
+                       } else {
+                               stream = NULL;
                        }
+                       goto stream_done;
                }
                stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
                if (stream) {



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to