kalle Mon, 26 Apr 2010 23:55:03 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=298626
Log:
Merge safe_mode changes into extensions that are in sync in both branches
Changed paths:
U php/php-src/branches/PHP_5_3/ext/enchant/enchant.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c
U php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch
U php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c
U
php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt
U php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c
U php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c
U php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c
U php/php-src/branches/PHP_5_3/ext/phar/phar.c
U php/php-src/branches/PHP_5_3/ext/phar/phar_object.c
U php/php-src/branches/PHP_5_3/ext/phar/util.c
U php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c
U php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt
U php/php-src/branches/PHP_5_3/ext/zip/php_zip.c
U php/php-src/branches/PHP_5_3/ext/zip/php_zip.h
U php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c
Modified: php/php-src/branches/PHP_5_3/ext/enchant/enchant.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/enchant/enchant.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/enchant/enchant.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -587,7 +587,11 @@
RETURN_FALSE;
}
+#if PHP_API_VERSION < 20100412
if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) {
+#else
+ if (php_check_open_basedir(pwl TSRMLS_CC)) {
+#endif
RETURN_FALSE;
}
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/fileinfo.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -167,7 +167,7 @@
/* {{{ finfo_class_functions
*/
-function_entry finfo_class_functions[] = {
+zend_function_entry finfo_class_functions[] = {
ZEND_ME_MAPPING(finfo, finfo_open, arginfo_finfo_open, ZEND_ACC_PUBLIC)
ZEND_ME_MAPPING(set_flags, finfo_set_flags,arginfo_finfo_method_set_flags, ZEND_ACC_PUBLIC)
ZEND_ME_MAPPING(file, finfo_file, arginfo_finfo_method_file, ZEND_ACC_PUBLIC)
@@ -201,7 +201,7 @@
/* {{{ fileinfo_functions[]
*/
-function_entry fileinfo_functions[] = {
+zend_function_entry fileinfo_functions[] = {
PHP_FE(finfo_open, arginfo_finfo_open)
PHP_FE(finfo_close, arginfo_finfo_close)
PHP_FE(finfo_set_flags, arginfo_finfo_set_flags)
@@ -297,7 +297,11 @@
}
file = resolved_path;
+#if PHP_API_VERSION < 20100412
if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) {
+#else
+ if (php_check_open_basedir(file TSRMLS_CC)) {
+#endif
RETURN_FALSE;
}
}
@@ -492,8 +496,11 @@
if (wrap) {
php_stream_context *context = php_stream_context_from_zval(zcontext, 0);
-
+#if PHP_API_VERSION < 20100412
php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
+#else
+ php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", REPORT_ERRORS, NULL, context);
+#endif
if (!stream) {
RETVAL_FALSE;
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/apprentice.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -597,7 +597,7 @@
TSRMLS_FETCH();
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
#else
stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -2041,7 +2041,7 @@
if (dbname == NULL)
goto error2;
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
#else
stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -2165,7 +2165,7 @@
}
/* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
#else
stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL);
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -1131,7 +1131,7 @@
break;
case CDF_FILETIME:
tp = info[i].pi_tp;
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
if (tp < 1000000000000000i64) {
#else
if (tp < 1000000000000000LL) {
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/cdf.h 2010-04-26 23:55:03 UTC (rev 298626)
@@ -42,7 +42,7 @@
typedef struct {
uint64_t h_magic;
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
# define CDF_MAGIC 0xE11AB1A1E011CFD0i64
#else
# define CDF_MAGIC 0xE11AB1A1E011CFD0LL
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/magic.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -290,7 +290,7 @@
if (!stream && inname) {
no_in_stream = 1;
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
#else
stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL);
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic/readcdf.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -110,7 +110,7 @@
case CDF_FILETIME:
tp = info[i].pi_tp;
if (tp != 0) {
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
if (tp < 1000000000000000i64) {
#else
if (tp < 1000000000000000LL) {
Modified: php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch
===================================================================
--- php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/fileinfo/libmagic.patch 2010-04-26 23:55:03 UTC (rev 298626)
@@ -257,7 +257,7 @@
+
+ TSRMLS_FETCH();
+
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+ stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -490,7 +490,7 @@
goto error2;
- if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1)
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+ stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -647,7 +647,7 @@
- if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) {
+/* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+ stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL);
@@ -799,7 +799,7 @@
break;
case CDF_FILETIME:
tp = info[i].pi_tp;
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
+ if (tp < 1000000000000000i64) {
+#else
if (tp < 1000000000000000LL) {
@@ -822,7 +822,7 @@
typedef struct {
uint64_t h_magic;
-#define CDF_MAGIC 0xE11AB1A1E011CFD0LL
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
+# define CDF_MAGIC 0xE11AB1A1E011CFD0i64
+#else
+# define CDF_MAGIC 0xE11AB1A1E011CFD0LL
@@ -2019,7 +2019,7 @@
+
+ if (!stream && inname) {
+ no_in_stream = 1;
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+ stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL);
@@ -2392,7 +2392,7 @@
case CDF_FILETIME:
tp = info[i].pi_tp;
if (tp != 0) {
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
+ if (tp < 1000000000000000i64) {
+#else
if (tp < 1000000000000000LL) {
@@ -2773,7 +2773,7 @@
+
+ convert_libmagic_pattern(pattern, options);
+
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ if ((pce = pcre_get_compiled_regex_cache(Z_STRVAL_P(pattern), Z_STRLEN_P(pattern) TSRMLS_CC)) == NULL) {
#else
- pmatch[0].rm_so = 0;
@@ -2800,7 +2800,7 @@
+ haystack = estrndup(ms->search.s, ms->search.s_len);
+
+ /* match v = 0, no match v = 1 */
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
+ php_pcre_match_impl(pce, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC);
+#else
+ php_pcre_match_impl(pce, IS_STRING, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC);
Modified: php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/mysql/php_mysql.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -664,7 +664,11 @@
}
/* disable local infile option for open_basedir */
+#if PHP_API_VERSION < 20100412
if (((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) && (client_flags & CLIENT_LOCAL_FILES)) {
+#else
+ if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') && (client_flags & CLIENT_LOCAL_FILES)) {
+#endif
client_flags ^= CLIENT_LOCAL_FILES;
}
Modified: php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt 2010-04-26 23:55:03 UTC (rev 298626)
@@ -26,7 +26,6 @@
}
?>
--INI--
-safe_mode=0
open_basedir="."
--FILE--
<?php
Modified: php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_api.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -1674,7 +1674,11 @@
}
MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED);
+#if PHP_API_VERSION < 20100412
if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) {
+#else
+ if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
+#endif
if(mysql_option == MYSQL_OPT_LOCAL_INFILE) {
RETURN_FALSE;
}
Modified: php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/mysqlnd/mysqlnd_net.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -102,7 +102,11 @@
static enum_func_status
MYSQLND_METHOD(mysqlnd_net, connect)(MYSQLND_NET * net, const char * const scheme, size_t scheme_len, zend_bool persistent, char **errstr, int * errcode TSRMLS_DC)
{
+#if PHP_API_VERSION < 20100412
unsigned int streams_options = ENFORCE_SAFE_MODE;
+#else
+ unsigned int streams_options = 0;
+#endif
unsigned int streams_flags = STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT;
char * hashed_details = NULL;
int hashed_details_len = 0;
Modified: php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_driver.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -649,7 +649,7 @@
goto cleanup;
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode))
#else
if (PG(open_basedir) && PG(open_basedir)[0] != '\0')
Modified: php/php-src/branches/PHP_5_3/ext/phar/phar.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/phar/phar.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/phar/phar.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -1327,7 +1327,7 @@
if (!pphar) {
pphar = &mydata;
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
return FAILURE;
}
@@ -1491,7 +1491,7 @@
} else if (error && *error) {
return FAILURE;
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
return FAILURE;
}
@@ -2359,7 +2359,7 @@
FREE_ZVAL(halt_constant);
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
return FAILURE;
}
Modified: php/php-src/branches/PHP_5_3/ext/phar/phar_object.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/phar/phar_object.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/phar/phar_object.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -1754,7 +1754,7 @@
return ZEND_HASH_APPLY_STOP;
}
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC, "Iterator %v returned a path \"%s\" that safe mode prevents opening", ce->name, fname);
@@ -3943,7 +3943,7 @@
return;
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
zend_throw_exception_ex(spl_ce_RuntimeException, 0 TSRMLS_CC, "phar error: unable to open file \"%s\" to add to phar archive, safe_mode restrictions prevent this", fname);
return;
@@ -4187,11 +4187,11 @@
}
}
/* }}} */
-#if (PHP_MAJOR_VERSION < 6)
-#define OPENBASEDIR_CHECKPATH(filename) \
+#if PHP_API_VERSION < 20100412
+#define PHAR_OPENBASEDIR_CHECKPATH(filename) \
(PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
#else
-#define OPENBASEDIR_CHECKPATH(filename) \
+#define PHAR_OPENBASEDIR_CHECKPATH(filename) \
php_check_open_basedir(filename TSRMLS_CC)
#endif
@@ -4235,7 +4235,7 @@
return FAILURE;
}
- if (OPENBASEDIR_CHECKPATH(fullpath)) {
+ if (PHAR_OPENBASEDIR_CHECKPATH(fullpath)) {
spprintf(error, 4096, "Cannot extract \"%s\" to \"%s\", openbasedir/safe mode restrictions in effect", entry->filename, fullpath);
efree(fullpath);
return FAILURE;
@@ -4285,7 +4285,11 @@
return SUCCESS;
}
+#if PHP_API_VERSION < 20100412
fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+ fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL);
+#endif
if (!fp) {
spprintf(error, 4096, "Cannot extract \"%s\", could not open for writing \"%s\"", entry->filename, fullpath);
Modified: php/php-src/branches/PHP_5_3/ext/phar/util.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/phar/util.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/phar/util.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -201,7 +201,7 @@
entry.tmp = estrndup(filename, filename_len);
}
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && !is_phar && (!php_checkuid(entry.tmp, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
efree(entry.tmp);
efree(entry.filename);
@@ -850,7 +850,7 @@
if (phar_get_pharfp(phar TSRMLS_CC)) {
return SUCCESS;
}
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(phar->fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
return FAILURE;
}
Modified: php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/sqlite3/sqlite3.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -120,11 +120,13 @@
return;
}
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "safe_mode prohibits opening %s", fullpath);
efree(fullpath);
return;
}
+#endif
if (php_check_open_basedir(fullpath TSRMLS_CC)) {
zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "open_basedir prohibits opening %s", fullpath);
@@ -158,7 +160,11 @@
}
#endif
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) {
+#else
+ if (PG(open_basedir) && *PG(open_basedir)) {
+#endif
sqlite3_set_authorizer(db_obj->db, php_sqlite3_authorizer, NULL);
}
@@ -1779,14 +1785,18 @@
*/
static int php_sqlite3_authorizer(void *autharg, int access_type, const char *arg3, const char *arg4, const char *arg5, const char *arg6)
{
- TSRMLS_FETCH();
switch (access_type) {
case SQLITE_ATTACH:
{
if (strncmp(arg3, ":memory:", sizeof(":memory:")-1)) {
+ TSRMLS_FETCH();
+
+#if PHP_API_VERSION < 20100412
if (PG(safe_mode) && (!php_checkuid(arg3, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
return SQLITE_DENY;
}
+#endif
+
if (php_check_open_basedir(arg3 TSRMLS_CC)) {
return SQLITE_DENY;
}
Modified: php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/sqlite3/tests/sqlite3_21_security.phpt 2010-04-26 23:55:03 UTC (rev 298626)
@@ -1,5 +1,5 @@
--TEST--
-SQLite3 open_basedir / safe_mode checks
+SQLite3 open_basedir checks
--SKIPIF--
<?php require_once(dirname(__FILE__) . '/skipif.inc'); ?>
--INI--
Modified: php/php-src/branches/PHP_5_3/ext/zip/php_zip.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/zip/php_zip.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/zip/php_zip.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -184,7 +184,7 @@
php_basename(path_cleaned, path_cleaned_len, NULL, 0, &file_basename, (size_t *)&file_basename_len TSRMLS_CC);
- if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) {
efree(file_dirname_fullpath);
efree(file_basename);
free(new_state.cwd);
@@ -238,7 +238,7 @@
* is required, does a file can have a different
* safemode status as its parent folder?
*/
- if (OPENBASEDIR_CHECKPATH(fullpath)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(fullpath)) {
efree(fullpath);
efree(file_dirname_fullpath);
efree(file_basename);
@@ -255,7 +255,7 @@
return 0;
}
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
#else
stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL);
@@ -288,7 +288,7 @@
char resolved_path[MAXPATHLEN];
- if (OPENBASEDIR_CHECKPATH(filename)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
return -1;
}
@@ -530,7 +530,7 @@
/* we assume that any glob pattern will match files from one directory only
so checking the dirname of the first match should be sufficient */
strncpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN);
- if (OPENBASEDIR_CHECKPATH(cwd)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(cwd)) {
return -1;
}
@@ -592,7 +592,7 @@
}
#endif
- if (OPENBASEDIR_CHECKPATH(path)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(path)) {
return -1;
}
@@ -1148,7 +1148,7 @@
RETURN_FALSE;
}
- if (OPENBASEDIR_CHECKPATH(filename)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
RETURN_FALSE;
}
@@ -1437,7 +1437,7 @@
RETURN_FALSE;
}
- if (OPENBASEDIR_CHECKPATH(filename)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
RETURN_FALSE;
}
Modified: php/php-src/branches/PHP_5_3/ext/zip/php_zip.h
===================================================================
--- php/php-src/branches/PHP_5_3/ext/zip/php_zip.h 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/zip/php_zip.h 2010-04-26 23:55:03 UTC (rev 298626)
@@ -43,12 +43,12 @@
# endif
#endif
-/* {{{ OPENBASEDIR_CHECKPATH(filename) */
-#if (PHP_MAJOR_VERSION < 6)
-# define OPENBASEDIR_CHECKPATH(filename) \
+/* {{{ ZIP_OPENBASEDIR_CHECKPATH(filename) */
+#if PHP_API_VERSION < 20100412
+# define ZIP_OPENBASEDIR_CHECKPATH(filename) \
(PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
#else
-#define OPENBASEDIR_CHECKPATH(filename) \
+#define ZIP_OPENBASEDIR_CHECKPATH(filename) \
php_check_open_basedir(filename TSRMLS_CC)
#endif
/* }}} */
Modified: php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2010-04-26 23:53:30 UTC (rev 298625)
+++ php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2010-04-26 23:55:03 UTC (rev 298626)
@@ -120,7 +120,7 @@
}
if (filename) {
- if (OPENBASEDIR_CHECKPATH(filename)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
return NULL;
}
@@ -201,7 +201,7 @@
php_basename(path, path_len - fragment_len, NULL, 0, &file_basename, &file_basename_len TSRMLS_CC);
fragment++;
- if (OPENBASEDIR_CHECKPATH(file_dirname)) {
+ if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname)) {
efree(file_basename);
return NULL;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
