pollita Mon Dec 1 14:47:06 2003 EDT
Modified files:
/php-src/main php_streams.h
/php-src/main/streams plain_wrapper.c
/php-src/ext/standard filestat.c
Log:
Move safemode/basedir checks for url_stat to plain_wrapper.
Index: php-src/main/php_streams.h
diff -u php-src/main/php_streams.h:1.86 php-src/main/php_streams.h:1.87
--- php-src/main/php_streams.h:1.86 Fri Nov 28 18:25:26 2003
+++ php-src/main/php_streams.h Mon Dec 1 14:47:03 2003
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_streams.h,v 1.86 2003/11/28 23:25:26 pollita Exp $ */
+/* $Id: php_streams.h,v 1.87 2003/12/01 19:47:03 pollita Exp $ */
#ifndef PHP_STREAMS_H
#define PHP_STREAMS_H
@@ -319,6 +319,7 @@
/* Flags for url_stat method in wrapper ops */
#define PHP_STREAM_URL_STAT_LINK 1
+#define PHP_STREAM_URL_STAT_QUIET 2
/* change the blocking mode of stream: value == 1 => blocking, value == 0 =>
non-blocking. */
#define PHP_STREAM_OPTION_BLOCKING 1
Index: php-src/main/streams/plain_wrapper.c
diff -u php-src/main/streams/plain_wrapper.c:1.28
php-src/main/streams/plain_wrapper.c:1.29
--- php-src/main/streams/plain_wrapper.c:1.28 Fri Nov 28 18:25:27 2003
+++ php-src/main/streams/plain_wrapper.c Mon Dec 1 14:47:04 2003
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: plain_wrapper.c,v 1.28 2003/11/28 23:25:27 pollita Exp $ */
+/* $Id: plain_wrapper.c,v 1.29 2003/12/01 19:47:04 pollita Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -898,6 +898,19 @@
static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url, int
flags, php_stream_statbuf *ssb, php_stream_context *context TSRMLS_DC)
{
+
+ if (strncmp(url, "file://", 7) == 0) {
+ url += 7;
+ }
+
+ if (PG(safe_mode) &&(!php_checkuid_ex(url, NULL, CHECKUID_CHECK_FILE_AND_DIR,
(flags & PHP_STREAM_URL_STAT_QUIET) ? CHECKUID_NO_ERRORS : 0))) {
+ return -1;
+ }
+
+ if (php_check_open_basedir_ex(url, (flags & PHP_STREAM_URL_STAT_QUIET) ? 0 : 1
TSRMLS_CC)) {
+ return -1;
+ }
+
#ifdef HAVE_SYMLINK
if (flags & PHP_STREAM_URL_STAT_LINK) {
return VCWD_LSTAT(url, &ssb->sb);
Index: php-src/ext/standard/filestat.c
diff -u php-src/ext/standard/filestat.c:1.128 php-src/ext/standard/filestat.c:1.129
--- php-src/ext/standard/filestat.c:1.128 Fri Nov 28 18:25:26 2003
+++ php-src/ext/standard/filestat.c Mon Dec 1 14:47:05 2003
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: filestat.c,v 1.128 2003/11/28 23:25:26 pollita Exp $ */
+/* $Id: filestat.c,v 1.129 2003/12/01 19:47:05 pollita Exp $ */
#include "php.h"
#include "safe_mode.h"
@@ -552,7 +552,7 @@
struct stat *stat_sb;
#endif
php_stream_statbuf ssb;
- int rmask=S_IROTH, wmask=S_IWOTH, xmask=S_IXOTH; /* access rights defaults to
other */
+ int flags = 0, rmask=S_IROTH, wmask=S_IWOTH, xmask=S_IXOTH; /* access rights
defaults to other */
char *stat_sb_names[13]={"dev", "ino", "mode", "nlink", "uid", "gid", "rdev",
"size", "atime", "mtime", "ctime", "blksize", "blocks"};
@@ -560,16 +560,14 @@
RETURN_FALSE;
}
- if (PG(safe_mode) &&(!php_checkuid_ex(filename, NULL,
CHECKUID_CHECK_FILE_AND_DIR, IS_EXISTS_CHECK(type) ? CHECKUID_NO_ERRORS : 0))) {
- RETURN_FALSE;
+ if (IS_LINK_OPERATION(type)) {
+ flags |= PHP_STREAM_URL_STAT_LINK;
}
-
- if (php_check_open_basedir_ex(filename, IS_EXISTS_CHECK(type) ? 0 : 1
TSRMLS_CC)) {
- RETURN_FALSE;
+ if (IS_EXISTS_CHECK(type)) {
+ flags |= PHP_STREAM_URL_STAT_QUIET;
}
-
- if (php_stream_stat_path_ex((char *)filename, (IS_LINK_OPERATION(type) ?
PHP_STREAM_URL_STAT_LINK : 0), &ssb, NULL)) {
+ if (php_stream_stat_path_ex((char *)filename, flags, &ssb, NULL)) {
/* Error Occured */
if (!IS_EXISTS_CHECK(type)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "%sstat failed for
%s", IS_LINK_OPERATION(type) ? "L" : "", filename);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
