diff options
author | Rasmus Lerdorf <rasmus@php.net> | 2005-05-21 19:46:34 +0000 |
---|---|---|
committer | Rasmus Lerdorf <rasmus@php.net> | 2005-05-21 19:46:34 +0000 |
commit | dd5c63bc185bb13cdd0bdbe0e1a7ec1a488a089f (patch) | |
tree | 3e310ff4d11a197b117ce36c1dcdacefa0012fd1 | |
parent | 50292aaff92e5703aff6a7f9a2ebcd9f469ad4a6 (diff) | |
download | php-git-dd5c63bc185bb13cdd0bdbe0e1a7ec1a488a089f.tar.gz |
Fixed bug #33072 - Add a safemode/open_basedir check for runtime save_path
change
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | ext/session/session.c | 17 |
2 files changed, 17 insertions, 2 deletions
@@ -7,6 +7,8 @@ PHP 4 NEWS them sort based on the current locale. (Derick) - Changed sha1_file() and md5_file() functions to use streams instead of low level IO. (Uwe) +- Fixed bug #33072 (Add a safemode/open_basedir check for runtime save_path + change) (Rasmus) - Fixed bug #33057 (Don't send extraneous entity-headers on a 304 as per RFC 2616 section 10.3.5) (Rasmus, Choitel) - Fixed bug #33019 (socket errors cause memory leaks in php_strerror()). diff --git a/ext/session/session.c b/ext/session/session.c index 9904e7a9e7..7825a7afe1 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -117,6 +117,19 @@ static PHP_INI_MH(OnUpdateSerializer) return SUCCESS; } +static PHP_INI_MH(OnUpdateSaveDir) { + /* Only do the safemode/open_basedir check at runtime */ + if(stage == PHP_INI_STAGE_RUNTIME) { + if (PG(safe_mode) && (!php_checkuid(new_value, NULL, CHECKUID_ALLOW_ONLY_DIR))) { + return FAILURE; + } + + if (php_check_open_basedir(new_value TSRMLS_CC)) { + return FAILURE; + } + } + OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC); +} /* {{{ PHP_INI */ @@ -124,9 +137,9 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("session.bug_compat_42", "1", PHP_INI_ALL, OnUpdateBool, bug_compat, php_ps_globals, ps_globals) STD_PHP_INI_BOOLEAN("session.bug_compat_warn", "1", PHP_INI_ALL, OnUpdateBool, bug_compat_warn, php_ps_globals, ps_globals) #ifdef PHP_WIN32 - STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateString, save_path, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateSaveDir,save_path, php_ps_globals, ps_globals) #else - STD_PHP_INI_ENTRY("session.save_path", "/tmp", PHP_INI_ALL, OnUpdateString, save_path, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.save_path", "/tmp", PHP_INI_ALL, OnUpdateSaveDir,save_path, php_ps_globals, ps_globals) #endif STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateString, session_name, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.save_handler", "files", PHP_INI_ALL, OnUpdateSaveHandler) |