ab5602 Wed Oct 10 23:54:39 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/main safe_mode.c Log: Fix for bug 41899, safe mode and relative paths with Solaris's broken getcwd(). http://cvs.php.net/viewvc.cgi/php-src/main/safe_mode.c?r1=1.62.2.1.2.10&r2=1.62.2.1.2.11&diff_format=u Index: php-src/main/safe_mode.c diff -u php-src/main/safe_mode.c:1.62.2.1.2.10 php-src/main/safe_mode.c:1.62.2.1.2.11 --- php-src/main/safe_mode.c:1.62.2.1.2.10 Sun Sep 23 15:19:21 2007 +++ php-src/main/safe_mode.c Wed Oct 10 23:54:39 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: safe_mode.c,v 1.62.2.1.2.10 2007/09/23 15:19:21 iliaa Exp $ */ +/* $Id: safe_mode.c,v 1.62.2.1.2.11 2007/10/10 23:54:39 ab5602 Exp $ */ #include "php.h" @@ -86,7 +86,15 @@ * If that fails, passthrough and check directory... */ if (mode != CHECKUID_ALLOW_ONLY_DIR) { - expand_filepath(filename, path TSRMLS_CC); + + char ftest[MAXPATHLEN]; + strcpy(ftest,filename); + if (VCWD_GETCWD(ftest, sizeof(ftest)) == NULL) { + strcpy(path,filename); + } else { + expand_filepath(filename, path TSRMLS_CC); + } + ret = VCWD_STAT(path, &sb); if (ret < 0) { if (mode == CHECKUID_DISALLOW_FILE_NOT_EXISTS) {
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php