sniper Mon Mar 14 04:02:25 2005 EDT
Modified files:
/php-src/ext/curl interface.c
Log:
- Fixed bug #30609 (cURL functions bypass open_basedir)
http://cvs.php.net/diff.php/php-src/ext/curl/interface.c?r1=1.54&r2=1.55&ty=u
Index: php-src/ext/curl/interface.c
diff -u php-src/ext/curl/interface.c:1.54 php-src/ext/curl/interface.c:1.55
--- php-src/ext/curl/interface.c:1.54 Wed Jan 5 16:33:56 2005
+++ php-src/ext/curl/interface.c Mon Mar 14 04:02:23 2005
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: interface.c,v 1.54 2005/01/05 21:33:56 jorton Exp $ */
+/* $Id: interface.c,v 1.55 2005/03/14 09:02:23 sniper Exp $ */
#define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
@@ -49,6 +49,7 @@
#include "ext/standard/php_smart_str.h"
#include "ext/standard/info.h"
#include "ext/standard/file.h"
+#include "ext/standard/url.h"
#include "php_curl.h"
static void _php_curl_close(zend_rsrc_list_entry *rsrc TSRMLS_DC);
@@ -60,6 +61,26 @@
#define CAAS(s, v) add_assoc_string_ex(return_value, s, sizeof(s), (char *) v,
1);
#define CAAZ(s, v) add_assoc_zval_ex(return_value, s, sizeof(s), (zval *) v);
+#define PHP_CURL_CHECK_OPEN_BASEDIR(str, len)
\
+ if (PG(open_basedir) && *PG(open_basedir) &&
\
+ strncasecmp(str, "file://", sizeof("file://") - 1) == 0)
\
+ {
\
+ php_url *tmp_url;
\
+
\
+ if (!(tmp_url = php_url_parse_ex(str, len))) {
\
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid
url '%s'", str); \
+ RETURN_FALSE;
\
+ }
\
+
\
+ if (php_check_open_basedir(tmp_url->path TSRMLS_CC) ||
\
+ (PG(safe_mode) && !php_checkuid(tmp_url->path, "rb+",
CHECKUID_CHECK_MODE_PARAM)) \
+ ) {
\
+ php_url_free(tmp_url);
\
+ RETURN_FALSE;
\
+ }
\
+ php_url_free(tmp_url);
\
+ }
+
/* {{{ curl_functions[]
*/
function_entry curl_functions[] = {
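Review bot: `tmp_url->path` is handed to `php_check_open_basedir()` and `php_checkuid()` without a NULL test. If `php_url_parse_ex()` can return a structure with no path component for an input such as a bare `file://` (I believe it can, but the parser is not shown here), both calls receive NULL. Starting the condition with `if (!tmp_url->path || php_check_open_basedir(tmp_url->path TSRMLS_CC) ||` would make that case fail closed. The macro is also a bare `if { ... }` block with a hidden `RETURN_FALSE`, so I would wrap it in `do { ... } while (0)` and add a comment such as `/* Returns FALSE from the calling PHP_FUNCTION when a file:// URL is outside open_basedir; invoke before allocating anything */`.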
@@ -779,6 +800,11 @@
WRONG_PARAM_COUNT;
}
+ if (argc > 0) {
+ convert_to_string_ex(url);
+ PHP_CURL_CHECK_OPEN_BASEDIR(Z_STRVAL_PP(url), Z_STRLEN_PP(url));
+ }
+
cp = curl_easy_init();
if (!cp) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not
initialize a new cURL handle");
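Review bot: The path validated by `PHP_CURL_CHECK_OPEN_BASEDIR` is PHP's own parse of the URL, while the string later given to `CURLOPT_URL` is parsed again by libcurl, so the check only holds if both agree on what the path is. As far as I know `php_url_parse_ex()` does not percent-decode or canonicalise the path, so it would be safer to normalise it to the form libcurl will open before calling `php_check_open_basedir()`, or to reject `file://` URLs that contain escapes while `open_basedir` is set. The same applies to the `CURLOPT_URL` branch added to `curl_setopt` further down. The enclosing function starts and ends outside this hunk.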
@@ -815,7 +841,6 @@
if (argc > 0) {
char *urlcopy;
- convert_to_string_ex(url);
urlcopy = estrndup(Z_STRVAL_PP(url), Z_STRLEN_PP(url));
curl_easy_setopt(ch->cp, CURLOPT_URL, urlcopy);
@@ -861,7 +886,7 @@
}
/* }}} */
-/* {{{ proto bool curl_setopt(resource ch, string option, mixed value)
+/* {{{ proto bool curl_setopt(resource ch, int option, mixed value)
Set an option for a CURL transfer */
PHP_FUNCTION(curl_setopt)
{
@@ -966,8 +991,12 @@
char *copystr = NULL;
convert_to_string_ex(zvalue);
- copystr = estrndup(Z_STRVAL_PP(zvalue),
Z_STRLEN_PP(zvalue));
+ if (option == CURLOPT_URL) {
+
PHP_CURL_CHECK_OPEN_BASEDIR(Z_STRVAL_PP(zvalue), Z_STRLEN_PP(zvalue));
+ }
+
+ copystr = estrndup(Z_STRVAL_PP(zvalue),
Z_STRLEN_PP(zvalue));
error = curl_easy_setopt(ch->cp, option, copystr);
zend_llist_add_element(&ch->to_free.str, ©str);
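Review bot: Only the value passed for `CURLOPT_URL` is checked, so a `file://` location the handle reaches some other way, for instance by following a redirect when `CURLOPT_FOLLOWLOCATION` is enabled, would not go through `PHP_CURL_CHECK_OPEN_BASEDIR`. Whether other options are restricted is not visible in this hunk; if they are not, refusing `CURLOPT_FOLLOWLOCATION` while `open_basedir` or `safe_mode` is active would close that gap. Moving `estrndup()` below the check is right, since the macro's `RETURN_FALSE` would otherwise leak `copystr`; a short comment such as `/* check before estrndup(): the macro may return */` would keep it that way. The case block belongs to a switch that starts outside the hunk.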