Felipe Pena
8775a37559
- Year++
2012-01-01 13:15:04 +00:00
Dmitry Stogov
e43ff1359e
Fixed ZE specific compile warnings (Bug #55629 )
2011-09-13 13:29:35 +00:00
Xinchen Hui
5dc3195897
Avoiding strcpy, strcat, sprintf usage to make static analyzer happy
2011-08-09 12:16:58 +00:00
Pierre Joye
dd06894b56
- do not resolve the link if all we want is to open that file
2011-07-27 12:20:32 +00:00
Pierre Joye
4cbca588f7
- simplify
2011-07-26 09:27:53 +00:00
Pierre Joye
090bfcdfe1
- add expand_filepath_with_mode (not used anywhere yet but will be used for file ops (fopen&co) to avoid extra links resolution and other non required ops on open
2011-07-25 16:50:07 +00:00
Felipe Pena
4737910b69
- Added new parameter parsing option (p - for valid path (string without null byte in the middle))
...
# The tests will be fixed in the next commits
2011-06-06 21:28:16 +00:00
Pierre Joye
95388b7cda
- fix regression introduced in 5.3.4 in open_basedir on windows/novell with trailing fwd slash
2011-01-18 22:20:09 +00:00
Felipe Pena
0203cc3d44
- Year++
2011-01-01 02:17:06 +00:00
Pierre Joye
1f454695a4
- fixed #53352
2010-11-23 22:14:54 +00:00
Adam Harvey
7f0d3f7d70
Fix bug #53226 (file_exists fails on big filenames).
2010-11-05 05:28:07 +00:00
Pierre Joye
c8a717a2b1
- Fixed possible flaw in open_basedir (CVE-2010-3436)
2010-09-28 13:29:33 +00:00
Pierre Joye
4d8d26d0db
- open_basedir symlink support for Windows
2010-09-10 17:45:13 +00:00
Pierre Joye
100228aae1
- use TSRMLS_CC instead of TSRMLS_FETCH in virtual_file_ex
2010-08-30 09:38:47 +00:00
Dmitry Stogov
b4216e0a82
Use zend_stream API to open main PHP script in CGI/FastCGI. This allows to override the open function by opcode caches and eliminate the actual open syscall.
2010-07-07 16:54:55 +00:00
Kalle Sommer Nielsen
dd8e59da8f
Removed safe_mode
...
* Removed ini options, safe_mode*
* Removed --enable-safe-mode --with-exec-dir configure options on Unix
* Updated extensions, SAPI's and core
* php_get_current_user() is now declared in main.c, thrus no need to include safe_mode.h anymore
2010-04-26 23:53:30 +00:00
Felipe Pena
10e7361027
- Fixed bug #51627 (script path not correctly evaluated)
...
Patch by: russell dot tempero at rightnow dot com
2010-04-21 22:22:31 +00:00
Sebastian Bergmann
9ba1e81665
sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php
2010-01-03 09:23:27 +00:00
Dmitry Stogov
2ad406e518
Fixed bug #50159 (wrong working directory in symlinked files)
2009-11-30 14:21:23 +00:00
Jani Taskinen
ccd6e501d1
- Simplified a bit and fixed possible memory corruption and definate leak.
2009-09-10 16:19:42 +00:00
Jani Taskinen
f723d368b3
- Fixed bug #49182 (PHP CGI always outputs the shebang line)
2009-09-05 17:07:14 +00:00
Rasmus Lerdorf
8608857c1a
Fix bug #48880
...
The ini entry was being corrupted because it wasn't being set
on the ACTIVATE and DEACTIVATE stages.
2009-07-31 21:09:45 +00:00
Rasmus Lerdorf
269df474bf
Ah, broken vimrc..
2009-06-18 06:38:30 +00:00
Rasmus Lerdorf
e70abda281
Fix bug #48592
2009-06-18 06:32:38 +00:00
Ilia Alshanetsky
aaa5361c90
Adjust condition
2009-02-10 16:14:18 +00:00
Ilia Alshanetsky
986a933c82
MFB: Added path truncation E_NOTICE to let people now when path resolving
...
caused the file path to be truncated.
2009-02-10 14:18:46 +00:00
Sebastian Bergmann
08659c2dcd
MFH: Bump copyright year, 3 of 3.
2008-12-31 11:15:49 +00:00
Hannes Magnusson
76669fce23
MFH: - Changed open_basedir to allow tightening in runtime contexts. (Sara)
...
- Add test
2008-12-09 10:20:11 +00:00
Arnaud Le Blanc
c573dd6614
MFH: Missing files in previous commit (Check the relevant path for open_basedir
...
in symlink())
2008-08-11 15:33:02 +00:00
Dmitry Stogov
7355c3c54c
Removed shebang line check from CGI sapi (it is checked by scanner)
2008-08-04 07:20:15 +00:00
Dmitry Stogov
baab204436
Fixed chdir() into requested file directory inconsistencies
2008-07-21 08:43:36 +00:00
Dmitry Stogov
862f9ee3d2
Added ability to use stream wrappers in include_path
2008-03-27 10:33:40 +00:00
Dmitry Stogov
2f794ceabb
Fixed ws and comment
2008-03-24 09:30:41 +00:00
Dmitry Stogov
7705272218
Disable path resolution for filenames with stream wrappers
...
More careful check for relative pathes (./xxx and ../xxx)
2008-03-13 14:09:54 +00:00
Dmitry Stogov
ab232458c7
Optimized require_once() and include_once() by eliminationg open() syscall on second usage.
2008-03-05 13:34:12 +00:00
Dmitry Stogov
0ac1830d9c
Fixed bug #43491 (Under certain conditions, file_exists() never returns)
2008-01-29 14:24:55 +00:00
Sebastian Bergmann
d1dded8751
MFH: Bump copyright year, 2 of 2.
2007-12-31 07:17:19 +00:00
Hannes Magnusson
c236bcd80e
Fixed bug#43105 (PHP seems to fail to close open files.)
2007-12-27 02:09:26 +00:00
Scott MacVicar
52debae82e
MFH: Fix expand_filepath when including relative files, ideally you should test you code...
2007-10-09 10:05:08 +00:00
Jani Taskinen
e2b5419e05
MFH: ws + cs
2007-10-09 08:40:36 +00:00
Robert Thompson
0092263030
Fix for bug 41822. expand_filepath() will now return a relative path under the specific situation where getcwd() returns NULL and the file is still readable. As far as I have been able to tell, this fix only applies to the Solaris OS where files in directories with (--x) cannot getcwd().
2007-10-08 23:44:50 +00:00
Dmitry Stogov
ca854215db
Fixed symlink("", "somthing") and link("", "somthing") in ZTS mode
2007-07-10 13:21:11 +00:00
Antony Dovgal
8e3eee385e
MFH: fix #41518 (file_exists() warns of open_basedir restriction on non-existent file)
2007-06-01 13:35:23 +00:00
Dmitry Stogov
72e7bfdedf
Fixed endless loop in open_basedir check
2007-04-18 11:58:40 +00:00
Antony Dovgal
19aa4a932f
fix #40931 (open_basedir bypass via symlink and move_uploaded_file())
2007-04-10 22:30:07 +00:00
Marcus Boerger
50ea26760d
- Avoid sprintf, even when checked copy'n'paste or changes lead to errors
2007-02-24 02:17:47 +00:00
Hannes Magnusson
6b7144d0b8
Fix build
...
#Thanks Andy
2007-01-12 14:31:28 +00:00
Antony Dovgal
5941c1d28c
MFH
2007-01-12 09:10:16 +00:00
Ilia Alshanetsky
2ae036f038
Fixed bug #40098 (php_fopen_primary_script() not thread safe).
...
Adjusted previous fixes for similar issue to handle sysconf() failures
2007-01-12 01:46:11 +00:00
Sebastian Bergmann
4223aa4d5e
MFH: Bump year.
2007-01-01 09:36:18 +00:00