tony2001 Tue Jan 17 23:47:09 2006 UTC Modified files: (Branch: PHP_5_1) /php-src/ext/gd gd.c Log: MFH: improve open_basedir checks in GD http://cvs.php.net/viewcvs.cgi/php-src/ext/gd/gd.c?r1=1.312.2.15&r2=1.312.2.16&diff_format=u Index: php-src/ext/gd/gd.c diff -u php-src/ext/gd/gd.c:1.312.2.15 php-src/ext/gd/gd.c:1.312.2.16 --- php-src/ext/gd/gd.c:1.312.2.15 Tue Jan 17 19:04:06 2006 +++ php-src/ext/gd/gd.c Tue Jan 17 23:47:08 2006 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: gd.c,v 1.312.2.15 2006/01/17 19:04:06 pajoye Exp $ */ +/* $Id: gd.c,v 1.312.2.16 2006/01/17 23:47:08 tony2001 Exp $ */ /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, Cold Spring Harbor Labs. */ @@ -3201,6 +3201,8 @@ fontname = (unsigned char *) fontname; #endif + PHP_GD_CHECK_OPEN_BASEDIR(fontname, "Invalid font filename"); + #ifdef USE_GD_IMGSTRTTF # if HAVE_GD_STRINGFTEX if (extended) {
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php