diff options
author | Rasmus Lerdorf <rasmus@php.net> | 2012-03-25 05:45:55 +0530 |
---|---|---|
committer | Rasmus Lerdorf <rasmus@php.net> | 2012-03-25 05:45:55 +0530 |
commit | b08b7fe78785230dd37e7969e38f1913727fbc88 (patch) | |
tree | c7a18c83b555478d880db780a715f450fabc4448 | |
parent | cff89ceda0f237f7d5368056ed59c657065fe094 (diff) | |
parent | 900778731c49611e1318e4d1839768eb46f26813 (diff) | |
download | php-git-b08b7fe78785230dd37e7969e38f1913727fbc88.tar.gz |
Merge branch 'PHP-5.3' into PHP-5.4
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | ext/standard/link.c | 13 |
2 files changed, 16 insertions, 1 deletions
@@ -88,6 +88,10 @@ PHP NEWS . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL bytes). (Nikita Popov) +- Readline: + . Add open_basedir checks to readline_write_history and readline_read_history. + (Rasmus, reported by Mateusz Goik) + - Reflection: . Fixed bug #60968 (Late static binding doesn't work with ReflectionMethod::invokeArgs()). (Laruence) diff --git a/ext/standard/link.c b/ext/standard/link.c index 4c65adc1c7..3832e703bb 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -85,7 +85,8 @@ PHP_FUNCTION(readlink) PHP_FUNCTION(linkinfo) { char *link; - int link_len; + char *dirname; + int link_len, dir_len; struct stat sb; int ret; @@ -93,12 +94,22 @@ PHP_FUNCTION(linkinfo) return; } + dirname = estrndup(link, link_len); + dir_len = php_dirname(dirname, link_len); + + if (php_check_open_basedir(dirname TSRMLS_CC)) { + efree(dirname); + RETURN_FALSE; + } + ret = VCWD_LSTAT(link, &sb); if (ret == -1) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", strerror(errno)); + efree(dirname); RETURN_LONG(-1L); } + efree(dirname); RETURN_LONG((long) sb.st_dev); } /* }}} */ |