andi Sun Feb 19 01:10:13 2006 UTC Modified files: /php-src/main fopen_wrappers.c main.c /php-src/main/streams plain_wrapper.c Log: - Some more safe_mode nuking http://cvs.php.net/viewcvs.cgi/php-src/main/fopen_wrappers.c?r1=1.177&r2=1.178&diff_format=u Index: php-src/main/fopen_wrappers.c diff -u php-src/main/fopen_wrappers.c:1.177 php-src/main/fopen_wrappers.c:1.178 --- php-src/main/fopen_wrappers.c:1.177 Sun Jan 1 13:09:57 2006 +++ php-src/main/fopen_wrappers.c Sun Feb 19 01:10:13 2006 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: fopen_wrappers.c,v 1.177 2006/01/01 13:09:57 sniper Exp $ */ +/* $Id: fopen_wrappers.c,v 1.178 2006/02/19 01:10:13 andi Exp $ */ /* {{{ includes */ @@ -379,9 +379,6 @@ /* Relative path open */ if (*filename == '.') { - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } @@ -396,16 +393,10 @@ /* filename is in safe_mode_include_dir (or subdir) */ return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) - return NULL; - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } if (!path || (path && !*path)) { - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } http://cvs.php.net/viewcvs.cgi/php-src/main/main.c?r1=1.662&r2=1.663&diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.662 php-src/main/main.c:1.663 --- php-src/main/main.c:1.662 Fri Feb 3 09:33:31 2006 +++ php-src/main/main.c Sun Feb 19 01:10:13 2006 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: main.c,v 1.662 2006/02/03 09:33:31 dmitry Exp $ */ +/* $Id: main.c,v 1.663 2006/02/19 01:10:13 andi Exp $ */ /* {{{ includes */ @@ -1601,8 +1601,8 @@ orig_unicode = UG(unicode); UG(unicode) = 0; - /* Disable realpath cache if safe_mode or open_basedir are set */ - if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { + /* Disable realpath cache if open_basedir are set */ + if ((PG(open_basedir) && *PG(open_basedir))) { CWDG(realpath_cache_size_limit) = 0; } http://cvs.php.net/viewcvs.cgi/php-src/main/streams/plain_wrapper.c?r1=1.59&r2=1.60&diff_format=u Index: php-src/main/streams/plain_wrapper.c diff -u php-src/main/streams/plain_wrapper.c:1.59 php-src/main/streams/plain_wrapper.c:1.60 --- php-src/main/streams/plain_wrapper.c:1.59 Tue Jan 17 12:18:53 2006 +++ php-src/main/streams/plain_wrapper.c Sun Feb 19 01:10:13 2006 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: plain_wrapper.c,v 1.59 2006/01/17 12:18:53 dmitry Exp $ */ +/* $Id: plain_wrapper.c,v 1.60 2006/02/19 01:10:13 andi Exp $ */ #include "php.h" #include "php_globals.h" @@ -813,10 +813,6 @@ return NULL; } - if (PG(safe_mode) &&(!php_checkuid(path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return NULL; - } - dir = VCWD_OPENDIR(path); #ifdef PHP_WIN32 @@ -935,9 +931,6 @@ return NULL; } - if ((options & ENFORCE_SAFE_MODE) && PG(safe_mode) && (!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM))) - return NULL; - return php_stream_fopen_rel(path, mode, opened_path, options); } @@ -948,10 +941,6 @@ url += sizeof("file://") - 1; } - if (PG(safe_mode) &&(!php_checkuid_ex(url, NULL, CHECKUID_CHECK_FILE_AND_DIR, (flags & PHP_STREAM_URL_STAT_QUIET) ? CHECKUID_NO_ERRORS : 0))) { - return -1; - } - if (php_check_open_basedir_ex(url, (flags & PHP_STREAM_URL_STAT_QUIET) ? 0 : 1 TSRMLS_CC)) { return -1; } @@ -975,11 +964,8 @@ url = p + 3; } + /* FIXME: Andi - Pending email I sent to internals@ re: ENFORCE_SAFE_MODE */ if (options & ENFORCE_SAFE_MODE) { - if (PG(safe_mode) && !php_checkuid(url, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - return 0; - } - if (php_check_open_basedir(url TSRMLS_CC)) { return 0; } @@ -1019,11 +1005,6 @@ url_to = p + 3; } - if (PG(safe_mode) && (!php_checkuid(url_from, NULL, CHECKUID_CHECK_FILE_AND_DIR) || - !php_checkuid(url_to, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return 0; - } - if (php_check_open_basedir(url_from TSRMLS_CC) || php_check_open_basedir(url_to TSRMLS_CC)) { return 0; } @@ -1142,10 +1123,6 @@ static int php_plain_files_rmdir(php_stream_wrapper *wrapper, char *url, int options, php_stream_context *context TSRMLS_DC) { - if (PG(safe_mode) &&(!php_checkuid(url, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return 0; - } - if (php_check_open_basedir(url TSRMLS_CC)) { return 0; } @@ -1216,9 +1193,6 @@ return NULL; } - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_stream_fopen_rel(filename, mode, opened_path, options); } @@ -1240,9 +1214,6 @@ /* filename is in safe_mode_include_dir (or subdir) */ return php_stream_fopen_rel(filename, mode, opened_path, options); - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) - return NULL; - return php_stream_fopen_rel(filename, mode, opened_path, options); } @@ -1264,10 +1235,7 @@ if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC)) == 0) { return php_stream_fopen_rel(trypath, mode, opened_path, options); } - if (PG(safe_mode) && (!php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } - + return php_stream_fopen_rel(trypath, mode, opened_path, options); } #endif @@ -1278,9 +1246,6 @@ return NULL; } - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_stream_fopen_rel(filename, mode, opened_path, options); }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php