clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 11:27:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

ws + cs

Browse Source
This commit is contained in:
Jani Taskinen 2007-10-09 08:40:25 +00:00
parent aaa68d2928
commit c1c60fb7e2
1 changed files with 66 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

135
main/fopen_wrappers.c
View File

@ -90,7 +90,7 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
char *base = (char *) ts_resource(*((int *) mh_arg2));
#endif
p = (char **) (base+(size_t) mh_arg1);
p = (char **) (base + (size_t) mh_arg1);
if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN) {
/* We're in a PHP_INI_SYSTEM context, no restrictions */
@ -98,8 +98,7 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
return SUCCESS;
}
/* Elsewise, we're in runtime */
/* Otherwise we're in runtime */
if (!*p || !**p) {
/* open_basedir not set yet, go ahead and give it a value */
*p = new_value;
@ -138,9 +137,8 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
/* {{{ php_check_specific_open_basedir
When open_basedir is not NULL, check if the given filename is located in
open_basedir. Returns -1 if error or not in the open_basedir, else 0
When open_basedir is NULL, always return 0
open_basedir. Returns -1 if error or not in the open_basedir, else 0.
When open_basedir is NULL, always return 0.
*/
PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC)
{
@ -153,7 +151,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
int resolved_name_len;
int path_len;
int nesting_level = 0;
/* Special case basedir==".": Use script-directory */
if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {
/* Else use the unmodified path */
@ -170,7 +168,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) {
return -1;
}
path_len = strlen(resolved_name);
memcpy(path_tmp, resolved_name, path_len + 1); /* safe */
@ -179,7 +177,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
if (nesting_level == 0) {
int ret;
char buf[MAXPATHLEN];
ret = readlink(path_tmp, buf, MAXPATHLEN - 1);
if (ret < 0) {
/* not a broken symlink, move along.. */
@ -206,7 +204,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
path_len = path_file - path_tmp + 1;
#if defined(PHP_WIN32) || defined(NETWARE)
if (path_len > 1 && path_tmp[path_len - 2] == ':') {
/* this is c:\, */
/* this is c:\ */
path_tmp[path_len] = '\0';
} else {
path_tmp[path_len - 1] = '\0';
@ -299,8 +297,7 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
ptr = end;
}
if (warn) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
php_error_docref(NULL TSRMLS_CC, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
}
efree(pathbuf);
errno = EPERM; /* we deny permission to open it */
@ -359,7 +356,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
if (pwbuflen < 1) {
return FAILURE;
}
pwbuf = emalloc(pwbuflen);
#endif
length = s - (path_info + 2);
@ -377,8 +374,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
pw = getpwnam(user);
#endif
if (pw && pw->pw_dir) {
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR,
PG(user_dir), PHP_DIR_SEPARATOR, s+1); /* Safe */
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */
STR_FREE(SG(request_info).path_translated);
SG(request_info).path_translated = filename;
}
@ -409,9 +405,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
if (!filename) {
/* we have to free SG(request_info).path_translated here because
php_destroy_request_info assumes that it will get
freed when the include_names hash is emptied, but
we're not adding it in this case */
* php_destroy_request_info assumes that it will get
* freed when the include_names hash is emptied, but
* we're not adding it in this case */
STR_FREE(SG(request_info).path_translated);
SG(request_info).path_translated = NULL;
return FAILURE;
@ -434,9 +430,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
file_handle->opened_path = expand_filepath(filename, NULL TSRMLS_CC);
if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) {
if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) {
VCWD_CHDIR_FILE(filename);
}
}
SG(request_info).path_translated = filename;
file_handle->filename = SG(request_info).path_translated;
@ -465,20 +461,20 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
if (opened_path) {
*opened_path = NULL;
}
if(!filename) {
if (!filename) {
return NULL;
}
filename_length = strlen(filename);
/* Relative path open */
if (*filename == '.') {
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
}
/* Absolute path open */
/* FIXME: Andi - Do we actually need the if()? */
/* FIXME: Andi - Do we actually need the if ()? */
if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) {
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
}
@ -493,16 +489,15 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
path_length = strlen(path);
while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length]));
if ((exec_fname && exec_fname[0] == '[')
|| exec_fname_length<=0) {
if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) {
/* [no active file] or no path */
pathbuf = estrdup(path);
} else {
pathbuf = (char *) emalloc(exec_fname_length + path_length +1 +1);
} else {
pathbuf = (char *) emalloc(exec_fname_length + path_length + 1 + 1);
memcpy(pathbuf, path, path_length);
pathbuf[path_length] = DEFAULT_DIR_SEPARATOR;
memcpy(pathbuf+path_length+1, exec_fname, exec_fname_length);
pathbuf[path_length + exec_fname_length +1] = '\0';
memcpy(pathbuf + path_length + 1, exec_fname, exec_fname_length);
pathbuf[path_length + exec_fname_length + 1] = '\0';
}
} else {
pathbuf = estrdup(path);
@ -517,7 +512,7 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
end++;
}
snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
if (fp) {
efree(pathbuf);
@ -530,29 +525,29 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
return NULL;
}
/* }}} */
/* {{{ php_strip_url_passwd
*/
PHPAPI char *php_strip_url_passwd(char *url)
{
register char *p, *url_start;
if (url == NULL) {
return "";
}
p = url;
while (*p) {
if (*p==':' && *(p+1)=='/' && *(p+2)=='/') {
if (*p == ':' && *(p + 1) == '/' && *(p + 2) == '/') {
/* found protocol */
url_start = p = p+3;
url_start = p = p + 3;
while (*p) {
if (*p=='@') {
if (*p == '@') {
int i;
for (i=0; i<3 && url_start<p; i++, url_start++) {
for (i = 0; i < 3 && url_start < p; i++, url_start++) {
*url_start = '.';
}
for (; *p; p++) {
@ -577,43 +572,45 @@ PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC)
{
cwd_state new_state;
char cwd[MAXPATHLEN];
int copy_len;
if (!filepath[0]) {
return NULL;
} else if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) {
cwd[0] = '\0';
} else {
const char *iam = SG(request_info).path_translated;
char *result = VCWD_GETCWD(cwd, MAXPATHLEN);
if (!result && (iam != filepath)) {
int fdtest = -1;
fdtest = VCWD_OPEN(filepath, O_RDONLY);
if (fdtest != -1) {
/* return a relative file path if for any reason
we cannot cannot getcwd() and the requested,
relatively referenced file is accessible */
int copy_len = strlen(filepath)>MAXPATHLEN-1?MAXPATHLEN-1:strlen(filepath);
real_path = estrndup(filepath, copy_len);
return real_path;
}
}
else {
cwd[0] = '\0';
}
}
if (!filepath[0]) {
return NULL;
} else if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) {
cwd[0] = '\0';
} else {
const char *iam = SG(request_info).path_translated;
char *result = VCWD_GETCWD(cwd, MAXPATHLEN);
if (!result && (iam != filepath)) {
int fdtest = -1;
fdtest = VCWD_OPEN(filepath, O_RDONLY);
if (fdtest != -1) {
/* return a relative file path if for any reason
* we cannot cannot getcwd() and the requested,
* relatively referenced file is accessible */
copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath);
real_path = estrndup(filepath, copy_len);
return real_path;
}
} else {
cwd[0] = '\0';
}
}
new_state.cwd = strdup(cwd);
new_state.cwd_length = strlen(cwd);
if(virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) {
if (virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) {
free(new_state.cwd);
return NULL;
}
if(real_path) {
int copy_len = new_state.cwd_length>MAXPATHLEN-1?MAXPATHLEN-1:new_state.cwd_length;
if (real_path) {
copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length;
memcpy(real_path, new_state.cwd, copy_len);
real_path[copy_len]='\0';
real_path[copy_len] = '\0';
} else {
real_path = estrndup(new_state.cwd, new_state.cwd_length);
}