pajoye Wed, 27 Jul 2011 14:58:30 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=313784
Log: - do safemode/open basedir checks 1st, and use only expand not realpath (it is done by the safemode/openbasedir check already) Changed paths: U php/php-src/branches/PHP_5_4/ext/fileinfo/fileinfo.c U php/php-src/trunk/ext/fileinfo/fileinfo.c Modified: php/php-src/branches/PHP_5_4/ext/fileinfo/fileinfo.c =================================================================== --- php/php-src/branches/PHP_5_4/ext/fileinfo/fileinfo.c 2011-07-27 14:37:46 UTC (rev 313783) +++ php/php-src/branches/PHP_5_4/ext/fileinfo/fileinfo.c 2011-07-27 14:58:30 UTC (rev 313784) @@ -293,10 +293,6 @@ if (file_len == 0) { file = NULL; } else if (file && *file) { /* user specified file, perform open_basedir checks */ - if (!VCWD_REALPATH(file, resolved_path)) { - RETURN_FALSE; - } - file = resolved_path; #if PHP_API_VERSION < 20100412 if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) { @@ -305,6 +301,10 @@ #endif RETURN_FALSE; } + if (!expand_filepath_with_mode(file, resolved_path, NULL, 0, CWD_EXPAND TSRMLS_CC)) { + RETURN_FALSE; + } + file = resolved_path; } finfo = emalloc(sizeof(struct php_fileinfo)); Modified: php/php-src/trunk/ext/fileinfo/fileinfo.c =================================================================== --- php/php-src/trunk/ext/fileinfo/fileinfo.c 2011-07-27 14:37:46 UTC (rev 313783) +++ php/php-src/trunk/ext/fileinfo/fileinfo.c 2011-07-27 14:58:30 UTC (rev 313784) @@ -293,10 +293,6 @@ if (file_len == 0) { file = NULL; } else if (file && *file) { /* user specified file, perform open_basedir checks */ - if (!VCWD_REALPATH(file, resolved_path)) { - RETURN_FALSE; - } - file = resolved_path; #if PHP_API_VERSION < 20100412 if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) { @@ -305,6 +301,10 @@ #endif RETURN_FALSE; } + if (!expand_filepath_with_mode(file, resolved_path, NULL, 0, CWD_EXPAND TSRMLS_CC)) { + RETURN_FALSE; + } + file = resolved_path; } finfo = emalloc(sizeof(struct php_fileinfo));
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php