tony2001 Mon Jun 4 15:38:12 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src/sapi/cgi cgi_main.c
Log:
MFH: add missing open_basedir checks to CGI
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.40&r2=1.267.2.15.2.41&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.40
php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.41
--- php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.40 Mon May 28 08:11:59 2007
+++ php-src/sapi/cgi/cgi_main.c Mon Jun 4 15:38:12 2007
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.267.2.15.2.40 2007/05/28 08:11:59 dmitry Exp $ */
+/* $Id: cgi_main.c,v 1.267.2.15.2.41 2007/06/04 15:38:12 tony2001 Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -1682,7 +1682,9 @@
*/
retval = FAILURE;
if (cgi || SG(request_info).path_translated) {
- retval = php_fopen_primary_script(&file_handle
TSRMLS_CC);
+ if
(!php_check_open_basedir(SG(request_info).path_translated TSRMLS_CC)) {
+ retval = php_fopen_primary_script(&file_handle
TSRMLS_CC);
+ }
}
/*
if we are unable to open path_translated and we are not
@@ -1704,9 +1706,21 @@
goto fastcgi_request_done;
}
#endif
+
+ STR_FREE(SG(request_info).path_translated);
+
+ if (free_query_string && SG(request_info).query_string)
{
+ free(SG(request_info).query_string);
+ SG(request_info).query_string = NULL;
+ }
+
php_request_shutdown((void *) 0);
SG(server_context) = NULL;
php_module_shutdown(TSRMLS_C);
+ sapi_shutdown();
+#ifdef ZTS
+ tsrm_shutdown();
+#endif
return FAILURE;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
