[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/standard basic_functions.c file.c

Thu, 12 Oct 2006 18:42:31 -0700 

iliaa           Fri Oct 13 01:42:20 2006 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/standard       basic_functions.c file.c 
    /php-src    NEWS 
  Log:
  Fixed bug #38934 (move_uploaded_file() cannot read uploaded file outside of
  open_basedir). 
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?r1=1.725.2.31.2.27&r2=1.725.2.31.2.28&diff_format=u
Index: php-src/ext/standard/basic_functions.c
diff -u php-src/ext/standard/basic_functions.c:1.725.2.31.2.27 
php-src/ext/standard/basic_functions.c:1.725.2.31.2.28
--- php-src/ext/standard/basic_functions.c:1.725.2.31.2.27      Mon Oct  2 
07:58:13 2006
+++ php-src/ext/standard/basic_functions.c      Fri Oct 13 01:42:19 2006
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: basic_functions.c,v 1.725.2.31.2.27 2006/10/02 07:58:13 bjori Exp $ */
+/* $Id: basic_functions.c,v 1.725.2.31.2.28 2006/10/13 01:42:19 iliaa Exp $ */
 
 #include "php.h"
 #include "php_streams.h"
@@ -6032,8 +6032,7 @@
        VCWD_UNLINK(Z_STRVAL_PP(new_path));
        if (rename(Z_STRVAL_PP(path), Z_STRVAL_PP(new_path)) == 0) {
                successful = 1;
-       } else
-               if (php_copy_file(Z_STRVAL_PP(path), Z_STRVAL_PP(new_path) 
TSRMLS_CC) == SUCCESS) {
+       } else if (php_copy_file_ex(Z_STRVAL_PP(path), Z_STRVAL_PP(new_path), 
STREAM_DISABLE_OPEN_BASEDIR TSRMLS_CC) == SUCCESS) {
                VCWD_UNLINK(Z_STRVAL_PP(path));
                successful = 1;
        }
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/file.c?r1=1.409.2.6.2.6&r2=1.409.2.6.2.7&diff_format=u
Index: php-src/ext/standard/file.c
diff -u php-src/ext/standard/file.c:1.409.2.6.2.6 
php-src/ext/standard/file.c:1.409.2.6.2.7
--- php-src/ext/standard/file.c:1.409.2.6.2.6   Fri Aug 18 12:50:57 2006
+++ php-src/ext/standard/file.c Fri Oct 13 01:42:19 2006
@@ -21,7 +21,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: file.c,v 1.409.2.6.2.6 2006/08/18 12:50:57 tony2001 Exp $ */
+/* $Id: file.c,v 1.409.2.6.2.7 2006/10/13 01:42:19 iliaa Exp $ */
 
 /* Synced with php 3.0 revision 1.218 1999-06-16 [ssb] */
 
@@ -1711,9 +1711,14 @@
 }
 /* }}} */
 
+PHPAPI int php_copy_file(char *src, char *dest TSRMLS_DC)
+{
+       return php_copy_file_ex(src, dest, ENFORCE_SAFE_MODE TSRMLS_CC);
+}
+
 /* {{{ php_copy_file
  */
-PHPAPI int php_copy_file(char *src, char *dest TSRMLS_DC)
+PHPAPI int php_copy_file_ex(char *src, char *dest, int src_chk TSRMLS_DC)
 {
        php_stream *srcstream = NULL, *deststream = NULL;
        int ret = FAILURE;
@@ -1768,7 +1773,7 @@
        }
 safe_to_copy:
 
-       srcstream = php_stream_open_wrapper(src, "rb", ENFORCE_SAFE_MODE | 
REPORT_ERRORS, NULL);
+       srcstream = php_stream_open_wrapper(src, "rb", src_chk | REPORT_ERRORS, 
NULL);
        
        if (!srcstream) {
                return ret;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.304&r2=1.2027.2.547.2.305&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.304 php-src/NEWS:1.2027.2.547.2.305
--- php-src/NEWS:1.2027.2.547.2.304     Wed Oct 11 23:36:32 2006
+++ php-src/NEWS        Fri Oct 13 01:42:20 2006
@@ -13,6 +13,8 @@
 - Fixed bug #39067 (getDeclaringClass() and private properties). (Tony)
 - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty
   files). (Ilia)
+- Fixed bug #38934 (move_uploaded_file() cannot read uploaded file outside of
+  open_basedir). (Ilia)
 - Fixed bug #38649 (uninit'd optional arg in stream_socket_sendto()). (Sara)
 - Fixed bug #38198 (possible crash when COM reports an exception). (Ilia)
 - Fixed bug #37262 (var_export() does not escape \0 character). (Ilia)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to