mirror of
https://github.com/php/php-src.git
synced 2024-09-22 02:17:32 +00:00
Fix #69719 - more checks for nulls in paths
This commit is contained in:
parent
531c306fe6
commit
f7d7befae8
@ -1761,7 +1761,7 @@ PHP_FUNCTION(dom_document_save)
|
||||
char *file;
|
||||
long options = 0;
|
||||
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os|l", &id, dom_document_class_entry, &file, &file_len, &options) == FAILURE) {
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op|l", &id, dom_document_class_entry, &file, &file_len, &options) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -1990,7 +1990,7 @@ static void _dom_document_schema_validate(INTERNAL_FUNCTION_PARAMETERS, int type
|
||||
int is_valid;
|
||||
char resolved_path[MAXPATHLEN + 1];
|
||||
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -2003,6 +2003,10 @@ static void _dom_document_schema_validate(INTERNAL_FUNCTION_PARAMETERS, int type
|
||||
|
||||
switch (type) {
|
||||
case DOM_LOAD_FILE:
|
||||
if (CHECK_NULL_PATH(source, source_len)) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Schema file source");
|
||||
RETURN_FALSE;
|
||||
}
|
||||
valid_file = _dom_get_valid_file_path(source, resolved_path, MAXPATHLEN TSRMLS_CC);
|
||||
if (!valid_file) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Schema file source");
|
||||
@ -2079,7 +2083,7 @@ static void _dom_document_relaxNG_validate(INTERNAL_FUNCTION_PARAMETERS, int typ
|
||||
int is_valid;
|
||||
char resolved_path[MAXPATHLEN + 1];
|
||||
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -2092,6 +2096,10 @@ static void _dom_document_relaxNG_validate(INTERNAL_FUNCTION_PARAMETERS, int typ
|
||||
|
||||
switch (type) {
|
||||
case DOM_LOAD_FILE:
|
||||
if (CHECK_NULL_PATH(source, source_len)) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid RelaxNG file source");
|
||||
RETURN_FALSE;
|
||||
}
|
||||
valid_file = _dom_get_valid_file_path(source, resolved_path, MAXPATHLEN TSRMLS_CC);
|
||||
if (!valid_file) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid RelaxNG file source");
|
||||
@ -2172,7 +2180,7 @@ static void dom_load_html(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
|
||||
|
||||
id = getThis();
|
||||
|
||||
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p|l", &source, &source_len, &options) == FAILURE) {
|
||||
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &source, &source_len, &options) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
@ -2182,6 +2190,10 @@ static void dom_load_html(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
|
||||
}
|
||||
|
||||
if (mode == DOM_LOAD_FILE) {
|
||||
if (CHECK_NULL_PATH(source, source_len)) {
|
||||
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid file source");
|
||||
RETURN_FALSE;
|
||||
}
|
||||
ctxt = htmlCreateFileParserCtxt(source, NULL);
|
||||
} else {
|
||||
source_len = xmlStrlen(source);
|
||||
@ -2270,7 +2282,7 @@ PHP_FUNCTION(dom_document_save_html_file)
|
||||
char *file;
|
||||
const char *encoding;
|
||||
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &file, &file_len) == FAILURE) {
|
||||
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &file, &file_len) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -4071,7 +4071,7 @@ PHP_FUNCTION(imagepsloadfont)
|
||||
struct stat st;
|
||||
#endif
|
||||
|
||||
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &file, &file_len) == FAILURE) {
|
||||
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &file, &file_len) == FAILURE) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user