iliaa Sat Sep 16 18:31:07 2006 UTC
Modified files:
/php-src/ext/pdo_sqlite sqlite_driver.c
/php-src/ext/standard link.c
Log:
MFB: Additional expand_filepath() checks
http://cvs.php.net/viewvc.cgi/php-src/ext/pdo_sqlite/sqlite_driver.c?r1=1.29&r2=1.30&diff_format=u
Index: php-src/ext/pdo_sqlite/sqlite_driver.c
diff -u php-src/ext/pdo_sqlite/sqlite_driver.c:1.29
php-src/ext/pdo_sqlite/sqlite_driver.c:1.30
--- php-src/ext/pdo_sqlite/sqlite_driver.c:1.29 Sun Feb 19 00:55:20 2006
+++ php-src/ext/pdo_sqlite/sqlite_driver.c Sat Sep 16 18:31:06 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: sqlite_driver.c,v 1.29 2006/02/19 00:55:20 andi Exp $ */
+/* $Id: sqlite_driver.c,v 1.30 2006/09/16 18:31:06 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -677,6 +677,10 @@
if (strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
+ if (!fullpath) {
+ return NULL;
+ }
+
if (php_check_open_basedir(fullpath TSRMLS_CC)) {
efree(fullpath);
return NULL;
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/link.c?r1=1.56&r2=1.57&diff_format=u
Index: php-src/ext/standard/link.c
diff -u php-src/ext/standard/link.c:1.56 php-src/ext/standard/link.c:1.57
--- php-src/ext/standard/link.c:1.56 Sun Feb 19 18:19:33 2006
+++ php-src/ext/standard/link.c Sat Sep 16 18:31:07 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: link.c,v 1.56 2006/02/19 18:19:33 iliaa Exp $ */
+/* $Id: link.c,v 1.57 2006/09/16 18:31:07 iliaa Exp $ */
#include "php.h"
#include "php_filestat.h"
@@ -117,14 +117,15 @@
convert_to_string_ex(topath);
convert_to_string_ex(frompath);
- expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
- expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+ if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) ||
!expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+ RETURN_FALSE;
+ }
if (php_stream_locate_url_wrapper(source_p, NULL,
STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
php_stream_locate_url_wrapper(dest_p, NULL,
STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) )
{
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to symlink
to a URL");
- RETURN_FALSE;
+ RETURN_FALSE;
}
if (php_check_open_basedir(dest_p TSRMLS_CC)) {
@@ -164,14 +165,15 @@
convert_to_string_ex(topath);
convert_to_string_ex(frompath);
- expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
- expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+ if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) ||
!expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+ RETURN_FALSE;
+ }
if (php_stream_locate_url_wrapper(source_p, NULL,
STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
php_stream_locate_url_wrapper(dest_p, NULL,
STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) )
{
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to link to
a URL");
- RETURN_FALSE;
+ RETURN_FALSE;
}
if (php_check_open_basedir(dest_p TSRMLS_CC)) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
