clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 10:27:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

MFH: ws + cs

Browse Source
This commit is contained in:
Jani Taskinen 2007-10-09 08:40:36 +00:00
parent 5e46edd6c3
commit e2b5419e05
1 changed files with 74 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
main/fopen_wrappers.c
View File

@ -81,9 +81,8 @@
/* {{{ php_check_specific_open_basedir
When open_basedir is not NULL, check if the given filename is located in
open_basedir. Returns -1 if error or not in the open_basedir, else 0
When open_basedir is NULL, always return 0
open_basedir. Returns -1 if error or not in the open_basedir, else 0.
When open_basedir is NULL, always return 0.
*/
PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC)
{
@ -96,7 +95,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
int resolved_name_len;
int path_len;
int nesting_level = 0;
/* Special case basedir==".": Use script-directory */
if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {
/* Else use the unmodified path */
@ -113,7 +112,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) {
return -1;
}
path_len = strlen(resolved_name);
memcpy(path_tmp, resolved_name, path_len + 1); /* safe */
@ -122,7 +121,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
if (nesting_level == 0) {
int ret;
char buf[MAXPATHLEN];
ret = readlink(path_tmp, buf, MAXPATHLEN - 1);
if (ret < 0) {
/* not a broken symlink, move along.. */
@ -149,7 +148,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path
path_len = path_file - path_tmp + 1;
#if defined(PHP_WIN32) || defined(NETWARE)
if (path_len > 1 && path_tmp[path_len - 2] == ':') {
/* this is c:\, */
/* this is c:\ */
path_tmp[path_len] = '\0';
} else {
path_tmp[path_len - 1] = '\0';
@ -242,8 +241,7 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
ptr = end;
}
if (warn) {
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
php_error_docref(NULL TSRMLS_CC, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
}
efree(pathbuf);
errno = EPERM; /* we deny permission to open it */
@ -267,11 +265,10 @@ PHPAPI int php_check_safe_mode_include_dir(const char *path TSRMLS_DC)
char resolved_name[MAXPATHLEN];
/* Resolve the real path into resolved_name */
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) {
return -1;
}
pathbuf = estrdup(PG(safe_mode_include_dir));
ptr = pathbuf;
while (ptr && *ptr) {
@ -351,7 +348,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
if (pwbuflen < 1) {
return FAILURE;
}
pwbuf = emalloc(pwbuflen);
#endif
length = s - (path_info + 2);
@ -369,8 +366,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
pw = getpwnam(user);
#endif
if (pw && pw->pw_dir) {
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR,
PG(user_dir), PHP_DIR_SEPARATOR, s+1); /* Safe */
spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */
STR_FREE(SG(request_info).path_translated);
SG(request_info).path_translated = filename;
}
@ -401,9 +397,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
if (!filename) {
/* we have to free SG(request_info).path_translated here because
php_destroy_request_info assumes that it will get
freed when the include_names hash is emptied, but
we're not adding it in this case */
* php_destroy_request_info assumes that it will get
* freed when the include_names hash is emptied, but
* we're not adding it in this case */
STR_FREE(SG(request_info).path_translated);
SG(request_info).path_translated = NULL;
return FAILURE;
@ -426,9 +422,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
file_handle->opened_path = expand_filepath(filename, NULL TSRMLS_CC);
if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) {
if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) {
VCWD_CHDIR_FILE(filename);
}
}
SG(request_info).path_translated = filename;
file_handle->filename = SG(request_info).path_translated;
@ -458,13 +454,13 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
if (opened_path) {
*opened_path = NULL;
}
if(!filename) {
if (!filename) {
return NULL;
}
filename_length = strlen(filename);
/* Relative path open */
if (*filename == '.') {
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {
@ -472,21 +468,21 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
}
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
}
/*
* files in safe_mode_include_dir (or subdir) are excluded from
* safe mode GID/UID checks
*/
/* Absolute path open */
if (IS_ABSOLUTE_PATH(filename, filename_length)) {
if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
if (php_check_safe_mode_include_dir(filename TSRMLS_CC) == 0) {
/* filename is in safe_mode_include_dir (or subdir) */
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM)))
}
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {
return NULL;
}
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
}
@ -507,16 +503,15 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
path_length = strlen(path);
while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length]));
if ((exec_fname && exec_fname[0] == '[')
|| exec_fname_length<=0) {
if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) {
/* [no active file] or no path */
pathbuf = estrdup(path);
} else {
pathbuf = (char *) emalloc(exec_fname_length + path_length +1 +1);
} else {
pathbuf = (char *) emalloc(exec_fname_length + path_length + 1 + 1);
memcpy(pathbuf, path, path_length);
pathbuf[path_length] = DEFAULT_DIR_SEPARATOR;
memcpy(pathbuf+path_length+1, exec_fname, exec_fname_length);
pathbuf[path_length + exec_fname_length +1] = '\0';
memcpy(pathbuf + path_length + 1, exec_fname, exec_fname_length);
pathbuf[path_length + exec_fname_length + 1] = '\0';
}
} else {
pathbuf = estrdup(path);
@ -534,13 +529,14 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
if (PG(safe_mode)) {
if (VCWD_STAT(trypath, &sb) == 0) {
/* file exists ... check permission */
if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))
if (php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0 ||
php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)
) {
/* UID ok, or trypath is in safe_mode_include_dir */
fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
else
} else {
fp = NULL;
}
efree(pathbuf);
return fp;
}
@ -557,29 +553,29 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c
return NULL;
}
/* }}} */
/* {{{ php_strip_url_passwd
*/
PHPAPI char *php_strip_url_passwd(char *url)
{
register char *p, *url_start;
if (url == NULL) {
return "";
}
p = url;
while (*p) {
if (*p==':' && *(p+1)=='/' && *(p+2)=='/') {
if (*p == ':' && *(p + 1) == '/' && *(p + 2) == '/') {
/* found protocol */
url_start = p = p+3;
url_start = p = p + 3;
while (*p) {
if (*p=='@') {
if (*p == '@') {
int i;
for (i=0; i<3 && url_start<p; i++, url_start++) {
for (i = 0; i < 3 && url_start < p; i++, url_start++) {
*url_start = '.';
}
for (; *p; p++) {
@ -604,43 +600,45 @@ PHPAPI char *expand_filepath(const char *filepath, char *real_path TSRMLS_DC)
{
cwd_state new_state;
char cwd[MAXPATHLEN];
int copy_len;
if (!filepath[0]) {
return NULL;
} else if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) {
cwd[0] = '\0';
} else {
const char *iam = SG(request_info).path_translated;
char *result = VCWD_GETCWD(cwd, MAXPATHLEN);
if (!result && (iam != filepath)) {
int fdtest = -1;
fdtest = VCWD_OPEN(filepath, O_RDONLY);
if (fdtest != -1) {
/* return a relative file path if for any reason
we cannot cannot getcwd() and the requested,
relatively referenced file is accessible */
int copy_len = strlen(filepath)>MAXPATHLEN-1?MAXPATHLEN-1:strlen(filepath);
real_path = estrndup(filepath, copy_len);
return real_path;
}
}
else {
cwd[0] = '\0';
}
}
if (!filepath[0]) {
return NULL;
} else if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) {
cwd[0] = '\0';
} else {
const char *iam = SG(request_info).path_translated;
char *result = VCWD_GETCWD(cwd, MAXPATHLEN);
if (!result && (iam != filepath)) {
int fdtest = -1;
fdtest = VCWD_OPEN(filepath, O_RDONLY);
if (fdtest != -1) {
/* return a relative file path if for any reason
* we cannot cannot getcwd() and the requested,
* relatively referenced file is accessible */
copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath);
real_path = estrndup(filepath, copy_len);
return real_path;
}
} else {
cwd[0] = '\0';
}
}
new_state.cwd = strdup(cwd);
new_state.cwd_length = strlen(cwd);
if(virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) {
if (virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) {
free(new_state.cwd);
return NULL;
}
if(real_path) {
int copy_len = new_state.cwd_length>MAXPATHLEN-1?MAXPATHLEN-1:new_state.cwd_length;
if (real_path) {
copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length;
memcpy(real_path, new_state.cwd, copy_len);
real_path[copy_len]='\0';
real_path[copy_len] = '\0';
} else {
real_path = estrndup(new_state.cwd, new_state.cwd_length);
}