tony2001 Mon Jun 4 15:37:38 2007 UTC
Modified files:
/php-src/sapi/cgi cgi_main.c
Log:
add missing open_basedir checks to CGI
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.324&r2=1.325&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.324 php-src/sapi/cgi/cgi_main.c:1.325
--- php-src/sapi/cgi/cgi_main.c:1.324 Tue May 29 00:01:14 2007
+++ php-src/sapi/cgi/cgi_main.c Mon Jun 4 15:37:38 2007
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.324 2007/05/29 00:01:14 iliaa Exp $ */
+/* $Id: cgi_main.c,v 1.325 2007/06/04 15:37:38 tony2001 Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -1603,7 +1603,9 @@
*/
retval = FAILURE;
if (cgi || SG(request_info).path_translated) {
- retval = php_fopen_primary_script(&file_handle
TSRMLS_CC);
+ if
(!php_check_open_basedir(SG(request_info).path_translated TSRMLS_CC)) {
+ retval =
php_fopen_primary_script(&file_handle TSRMLS_CC);
+ }
}
/*
if we are unable to open path_translated and we
are not
@@ -1623,9 +1625,21 @@
if (fastcgi) {
goto fastcgi_request_done;
}
+
+ STR_FREE(SG(request_info).path_translated);
+
+ if (free_query_string &&
SG(request_info).query_string) {
+ free(SG(request_info).query_string);
+ SG(request_info).query_string = NULL;
+ }
+
php_request_shutdown((void *) 0);
SG(server_context) = NULL;
php_module_shutdown(TSRMLS_C);
+ sapi_shutdown();
+#ifdef ZTS
+ tsrm_shutdown();
+#endif
return FAILURE;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
