mirror of
https://github.com/php/php-src.git
synced 2024-09-22 02:17:32 +00:00
MFH: ws + cs
This commit is contained in:
Jani Taskinen
parent
5e46edd6c3
commit
e2b5419e05
@ -81,9 +81,8 @@
|
||||
|
||||
/* {{{ php_check_specific_open_basedir
|
||||
When open_basedir is not NULL, check if the given filename is located in
|
||||
open_basedir. Returns -1 if error or not in the open_basedir, else 0
|
||||
|
||||
When open_basedir is NULL, always return 0
|
||||
open_basedir. Returns -1 if error or not in the open_basedir, else 0.
|
||||
When open_basedir is NULL, always return 0.
|
||||
*/
|
||||
PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC)
|
||||
{
|
||||
@ -149,7 +148,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
|
||||
path_len = path_file - path_tmp + 1;
|
||||
#if defined(PHP_WIN32) || defined(NETWARE)
|
||||
if (path_len > 1 && path_tmp[path_len - 2] == ':') {
|
||||
/* this is c:\, */
|
||||
/* this is c:\ */
|
||||
path_tmp[path_len] = '\0';
|
||||
} else {
|
||||
path_tmp[path_len - 1] = '\0';
|
||||
@ -242,8 +241,7 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
|
||||
ptr = end;
|
||||
}
|
||||
if (warn) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING,
|
||||
"open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
|
||||
}
|
||||
efree(pathbuf);
|
||||
errno = EPERM; /* we deny permission to open it */
|
||||
@ -267,11 +265,10 @@ PHPAPI int php_check_safe_mode_include_dir(const char *path TSRMLS_DC)
|
||||
char resolved_name[MAXPATHLEN];
|
||||
|
||||
/* Resolve the real path into resolved_name */
|
||||
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
|
||||
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) {
|
||||
return -1;
|
||||
|
||||
}
|
||||
pathbuf = estrdup(PG(safe_mode_include_dir));
|
||||
|
||||
ptr = pathbuf;
|
||||
|
||||
while (ptr && *ptr) {
|
||||
@ -369,8 +366,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
|
||||
pw = getpwnam(user);
|
||||
#endif
|
||||
if (pw && pw->pw_dir) {
|
||||
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR,
|
||||
PG(user_dir), PHP_DIR_SEPARATOR, s+1); /* Safe */
|
||||
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
SG(request_info).path_translated = filename;
|
||||
}
|
||||
@ -401,9 +397,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
|
||||
|
||||
if (!filename) {
|
||||
/* we have to free SG(request_info).path_translated here because
|
||||
php_destroy_request_info assumes that it will get
|
||||
freed when the include_names hash is emptied, but
|
||||
we're not adding it in this case */
|
||||
* php_destroy_request_info assumes that it will get
|
||||
* freed when the include_names hash is emptied, but
|
||||
* we're not adding it in this case */
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
SG(request_info).path_translated = NULL;
|
||||
return FAILURE;
|
||||
@ -480,13 +476,13 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
|
||||
|
||||
/* Absolute path open */
|
||||
if (IS_ABSOLUTE_PATH(filename, filename_length)) {
|
||||
if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
|
||||
if (php_check_safe_mode_include_dir(filename TSRMLS_CC) == 0) {
|
||||
/* filename is in safe_mode_include_dir (or subdir) */
|
||||
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
|
||||
|
||||
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM)))
|
||||
}
|
||||
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {
|
||||
return NULL;
|
||||
|
||||
}
|
||||
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
|
||||
}
|
||||
|
||||
@ -507,8 +503,7 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
|
||||
path_length = strlen(path);
|
||||
|
||||
while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length]));
|
||||
if ((exec_fname && exec_fname[0] == '[')
|
||||
|| exec_fname_length<=0) {
|
||||
if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) {
|
||||
/* [no active file] or no path */
|
||||
pathbuf = estrdup(path);
|
||||
} else {
|
||||
@ -534,13 +529,14 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
|
||||
if (PG(safe_mode)) {
|
||||
if (VCWD_STAT(trypath, &sb) == 0) {
|
||||
/* file exists ... check permission */
|
||||
if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
|
||||
php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))
|
||||
if (php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0 ||
|
||||
php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)
|
||||
) {
|
||||
/* UID ok, or trypath is in safe_mode_include_dir */
|
||||
fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
|
||||
else
|
||||
} else {
|
||||
fp = NULL;
|
||||
|
||||
}
|
||||
efree(pathbuf);
|
||||
return fp;
|
||||
}
|
||||
@ -604,6 +600,7 @@ PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC)
|
||||
{
|
||||
cwd_state new_state;
|
||||
char cwd[MAXPATHLEN];
|
||||
int copy_len;
|
||||
|
||||
if (!filepath[0]) {
|
||||
return NULL;
|
||||
@ -612,19 +609,20 @@ PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC)
|
||||
} else {
|
||||
const char *iam = SG(request_info).path_translated;
|
||||
char *result = VCWD_GETCWD(cwd, MAXPATHLEN);
|
||||
|
||||
if (!result && (iam != filepath)) {
|
||||
int fdtest = -1;
|
||||
|
||||
fdtest = VCWD_OPEN(filepath, O_RDONLY);
|
||||
if (fdtest != -1) {
|
||||
/* return a relative file path if for any reason
|
||||
we cannot cannot getcwd() and the requested,
|
||||
relatively referenced file is accessible */
|
||||
int copy_len = strlen(filepath)>MAXPATHLEN-1?MAXPATHLEN-1:strlen(filepath);
|
||||
* we cannot cannot getcwd() and the requested,
|
||||
* relatively referenced file is accessible */
|
||||
copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath);
|
||||
real_path = estrndup(filepath, copy_len);
|
||||
return real_path;
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
cwd[0] = '\0';
|
||||
}
|
||||
}
|
||||
@ -638,7 +636,7 @@ PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC)
|
||||
}
|
||||
|
||||
if (real_path) {
|
||||
int copy_len = new_state.cwd_length>MAXPATHLEN-1?MAXPATHLEN-1:new_state.cwd_length;
|
||||
copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length;
|
||||
memcpy(real_path, new_state.cwd, copy_len);
|
||||
real_path[copy_len] = '\0';
|
||||
} else {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user