tony2001 Mon Jun 4 15:38:12 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/sapi/cgi cgi_main.c Log: MFH: add missing open_basedir checks to CGI http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.40&r2=1.267.2.15.2.41&diff_format=u Index: php-src/sapi/cgi/cgi_main.c diff -u php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.40 php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.41 --- php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.40 Mon May 28 08:11:59 2007 +++ php-src/sapi/cgi/cgi_main.c Mon Jun 4 15:38:12 2007 @@ -21,7 +21,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: cgi_main.c,v 1.267.2.15.2.40 2007/05/28 08:11:59 dmitry Exp $ */ +/* $Id: cgi_main.c,v 1.267.2.15.2.41 2007/06/04 15:38:12 tony2001 Exp $ */ #include "php.h" #include "php_globals.h" @@ -1682,7 +1682,9 @@ */ retval = FAILURE; if (cgi || SG(request_info).path_translated) { - retval = php_fopen_primary_script(&file_handle TSRMLS_CC); + if (!php_check_open_basedir(SG(request_info).path_translated TSRMLS_CC)) { + retval = php_fopen_primary_script(&file_handle TSRMLS_CC); + } } /* if we are unable to open path_translated and we are not @@ -1704,9 +1706,21 @@ goto fastcgi_request_done; } #endif + + STR_FREE(SG(request_info).path_translated); + + if (free_query_string && SG(request_info).query_string) { + free(SG(request_info).query_string); + SG(request_info).query_string = NULL; + } + php_request_shutdown((void *) 0); SG(server_context) = NULL; php_module_shutdown(TSRMLS_C); + sapi_shutdown(); +#ifdef ZTS + tsrm_shutdown(); +#endif return FAILURE; }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php