diff options
| author | Sara Golemon <pollita@php.net> | 2017-01-09 11:02:50 -0800 |
|---|---|---|
| committer | Sara Golemon <pollita@php.net> | 2017-01-09 11:02:50 -0800 |
| commit | 7e49e8e7970b423968de7a53ea9a0796f4634276 (patch) | |
| tree | 3989f935caa391757695cc444672ce9252ea49b8 | |
| parent | db890956ecc11c090716a536b00a07f2499fa73a (diff) | |
| download | php-git-7e49e8e7970b423968de7a53ea9a0796f4634276.tar.gz | |
Fix open_basedir check for glob:// opendir wrapper
php_check_open_basedir() expects a local filesystem path,
but we're handing it a `glob://...` URI instead.
Move the check to after the path trim so that we're checking
a meaningful pathspec.
| -rw-r--r-- | ext/standard/tests/streams/glob-wrapper.phpt | 35 | ||||
| -rw-r--r-- | main/streams/glob_wrapper.c | 8 |
2 files changed, 39 insertions, 4 deletions
diff --git a/ext/standard/tests/streams/glob-wrapper.phpt b/ext/standard/tests/streams/glob-wrapper.phpt new file mode 100644 index 0000000000..fc47d83a02 --- /dev/null +++ b/ext/standard/tests/streams/glob-wrapper.phpt @@ -0,0 +1,35 @@ +--TEST-- +Glob wrapper bypasses open_basedir +--INI-- +open_basedir=/does_not_exist +--SKIPIF-- +<?php +if (!in_array("glob", stream_get_wrappers())) echo "skip"; +--FILE-- +<?php + +foreach ( [ __DIR__, "glob://".__DIR__ ] as $spec) { + echo "** Opening $spec\n"; + $dir = opendir($spec); + if (!$dir) { + echo "Failed to open $spec\n"; + continue; + } + if (false === readdir($dir)) { + echo "No files in $spec\n"; + continue; + } +} +--EXPECTF-- +** Opening %s + +Warning: opendir(): open_basedir restriction in effect. File(/%s) is not within the allowed path(s): (/does_not_exist) in %s/glob-wrapper.php on line 5 + +Warning: opendir(/%s): failed to open dir: Operation not permitted in %s/glob-wrapper.php on line 5 +Failed to open /%s +** Opening glob://%s + +Warning: opendir(): open_basedir restriction in effect. File(/%s) is not within the allowed path(s): (/does_not_exist) in %s/glob-wrapper.php on line 5 + +Warning: opendir(glob://%s): failed to open dir: operation failed in %s/glob-wrapper.php on line 5 +Failed to open glob://%s diff --git a/main/streams/glob_wrapper.c b/main/streams/glob_wrapper.c index 8405bef73c..90d7bef0fd 100644 --- a/main/streams/glob_wrapper.c +++ b/main/streams/glob_wrapper.c @@ -213,10 +213,6 @@ static php_stream *php_glob_stream_opener(php_stream_wrapper *wrapper, const cha int ret; const char *tmp, *pos; - if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(path TSRMLS_CC)) { - return NULL; - } - if (!strncmp(path, "glob://", sizeof("glob://")-1)) { path += sizeof("glob://")-1; if (opened_path) { @@ -224,6 +220,10 @@ static php_stream *php_glob_stream_opener(php_stream_wrapper *wrapper, const cha } } + if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(path TSRMLS_CC)) { + return NULL; + } + pglob = ecalloc(sizeof(*pglob), 1); if (0 != (ret = glob(path, pglob->flags & GLOB_FLAGMASK, NULL, &pglob->glob))) { |