mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
Fix bug #77967 - Bypassing open_basedir restrictions via file uris
parent
73ff4193be
commit
c34895e837
9
NEWS
9
NEWS
@ -3,7 +3,7 @@ PHP NEWS
|
||||
?? ??? 2019, PHP 7.1.30
|
||||
|
||||
- EXIF:
|
||||
. Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16).
|
||||
. Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16).
|
||||
(CVE-2019-11040) (Stas)
|
||||
|
||||
- GD:
|
||||
@ -14,6 +14,9 @@ PHP NEWS
|
||||
. Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
|
||||
due to integer overflow). (CVE-2019-11039). (maris dot adam)
|
||||
|
||||
- SQLite:
|
||||
. Fixed bug #77967 (Bypassing open_basedir restrictions via file uris). (Stas)
|
||||
|
||||
03 May 2019, PHP 7.1.29
|
||||
|
||||
- EXIF:
|
||||
@ -28,8 +31,8 @@ PHP NEWS
|
||||
- EXIF:
|
||||
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (CVE-2019-11034)
|
||||
(Stas)
|
||||
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
|
||||
(CVE-2019-11035) (Stas)
|
||||
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
|
||||
(CVE-2019-11035) (Stas)
|
||||
|
||||
- SQLite3:
|
||||
. Added sqlite3.defensive INI directive. (BohwaZ)
|
||||
|
@ -2034,6 +2034,15 @@ static int php_sqlite3_authorizer(void *autharg, int access_type, const char *ar
|
||||
case SQLITE_ATTACH:
|
||||
{
|
||||
if (memcmp(arg3, ":memory:", sizeof(":memory:")) && *arg3) {
|
||||
if (strncmp(arg3, "file:", 5) == 0) {
|
||||
/* starts with "file:" */
|
||||
if (!arg3[5]) {
|
||||
return SQLITE_DENY;
|
||||
}
|
||||
if (php_check_open_basedir(arg3 + 5)) {
|
||||
return SQLITE_DENY;
|
||||
}
|
||||
}
|
||||
if (php_check_open_basedir(arg3)) {
|
||||
return SQLITE_DENY;
|
||||
}
|
||||
|
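Review bot: The new `file:` branch hands `arg3 + 5` to `php_check_open_basedir()` as a raw string, but SQLite parses a `file:` URI before opening it (authority part, `?query` suffix, percent-escapes), so the path that is checked is not necessarily the path that gets attached. The check should run on the same normalised path SQLite will resolve, or the branch should at least record the limitation, e.g. `/* arg3 + 5 is the undecoded URI remainder; authority, query and %-escapes are not normalised before the open_basedir check */`. Separately, when the `file:` check passes, control still falls through to the existing `php_check_open_basedir(arg3)` with the scheme prefix included, which evaluates the URI as if it were a plain filename; whether that second check is intended for URIs is not visible here and deserves a comment or an `else`. Both `php_sqlite3_authorizer()` and the `SQLITE_ATTACH` case extend beyond this hunk, so the remaining control flow could not be reviewed.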