diff options
| author | Andi Gutmans <andi@php.net> | 2000-11-02 23:08:07 +0000 |
|---|---|---|
| committer | Andi Gutmans <andi@php.net> | 2000-11-02 23:08:07 +0000 |
| commit | d0ec3df2884f58b7d7defb2e6a43e6b060789805 (patch) | |
| tree | 73593b33fce95e5c7bc734b7f29e6df82477dd72 | |
| parent | e17df3a7bcfb6d408ae5db4ceff4b77c4efb9fe4 (diff) | |
| download | php-git-d0ec3df2884f58b7d7defb2e6a43e6b060789805.tar.gz | |
- Use CHECKUID_* #define's instead of cryptic numbers in php_checkuid()
- I did not test for validity of the actual php_checkuid() calls and there
- might be mistakes in the previous code.
| -rw-r--r-- | ext/db/db.c | 2 | ||||
| -rw-r--r-- | ext/dbase/dbase.c | 4 | ||||
| -rw-r--r-- | ext/filepro/filepro.c | 6 | ||||
| -rw-r--r-- | ext/pgsql/pgsql.c | 2 | ||||
| -rw-r--r-- | ext/posix/posix.c | 2 | ||||
| -rw-r--r-- | ext/standard/file.c | 10 | ||||
| -rw-r--r-- | ext/standard/filestat.c | 8 | ||||
| -rw-r--r-- | ext/standard/link.c | 4 | ||||
| -rw-r--r-- | main/fopen_wrappers.c | 8 |
9 files changed, 23 insertions, 23 deletions
diff --git a/ext/db/db.c b/ext/db/db.c index 9f42cd8cfc..5c5eb61966 100644 --- a/ext/db/db.c +++ b/ext/db/db.c @@ -289,7 +289,7 @@ dbm_info *php_dbm_open(char *filename, char *mode) { return NULL; } - if (PG(safe_mode) && (!php_checkuid(filename, NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { return NULL; } diff --git a/ext/dbase/dbase.c b/ext/dbase/dbase.c index baa2520bd5..a6c5bf1557 100644 --- a/ext/dbase/dbase.c +++ b/ext/dbase/dbase.c @@ -122,7 +122,7 @@ PHP_FUNCTION(dbase_open) { convert_to_string(dbf_name); convert_to_long(options); - if (PG(safe_mode) && (!php_checkuid(dbf_name->value.str.val, NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(dbf_name->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -590,7 +590,7 @@ PHP_FUNCTION(dbase_create) { RETURN_FALSE; } - if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_P(filename), NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_P(filename), NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff --git a/ext/filepro/filepro.c b/ext/filepro/filepro.c index c98cbabd77..6b7a3b6061 100644 --- a/ext/filepro/filepro.c +++ b/ext/filepro/filepro.c @@ -206,7 +206,7 @@ PHP_FUNCTION(filepro) sprintf(workbuf, "%s/map", dir->value.str.val); - if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -305,7 +305,7 @@ PHP_FUNCTION(filepro_rowcount) /* Now read the records in, moving forward recsize-1 bytes each time */ sprintf(workbuf, "%s/key", FP_GLOBAL(fp_database)); - if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -530,7 +530,7 @@ PHP_FUNCTION(filepro_retrieve) /* Now read the record in */ sprintf(workbuf, "%s/key", FP_GLOBAL(fp_database)); - if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, 2))) { + if (PG(safe_mode) && (!php_checkuid(workbuf, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index 1bbc9a86f2..68e53fedb1 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -1663,7 +1663,7 @@ PHP_FUNCTION(pg_loimport) break; } - if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(file_in), NULL, 2))) { + if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(file_in), NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff --git a/ext/posix/posix.c b/ext/posix/posix.c index 0eba167dab..537ad4bf23 100644 --- a/ext/posix/posix.c +++ b/ext/posix/posix.c @@ -665,7 +665,7 @@ PHP_FUNCTION(posix_mkfifo) convert_to_string(path); convert_to_long(mode); - if (PG(safe_mode) && (!php_checkuid(path->value.str.val, NULL, 3))) { + if (PG(safe_mode) && (!php_checkuid(path->value.str.val, NULL, CHECKUID_ALLOW_ONLY_DIR))) { RETURN_FALSE; } result = mkfifo(path->value.str.val, mode->value.lval); diff --git a/ext/standard/file.c b/ext/standard/file.c index 02e4a7a947..fdee1c9f7c 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -1287,7 +1287,7 @@ PHP_FUNCTION(mkdir) convert_to_string_ex(arg1); convert_to_long_ex(arg2); mode = (mode_t) (*arg2)->value.lval; - if (PG(safe_mode) &&(!php_checkuid((*arg1)->value.str.val, NULL, 3))) { + if (PG(safe_mode) &&(!php_checkuid((*arg1)->value.str.val, NULL, CHECKUID_ALLOW_ONLY_DIR))) { RETURN_FALSE; } ret = V_MKDIR((*arg1)->value.str.val, mode); @@ -1312,7 +1312,7 @@ PHP_FUNCTION(rmdir) WRONG_PARAM_COUNT; } convert_to_string_ex(arg1); - if (PG(safe_mode) &&(!php_checkuid((*arg1)->value.str.val, NULL, 1))) { + if (PG(safe_mode) &&(!php_checkuid((*arg1)->value.str.val, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { RETURN_FALSE; } ret = V_RMDIR((*arg1)->value.str.val); @@ -1505,7 +1505,7 @@ PHP_FUNCTION(rename) old_name = (*old_arg)->value.str.val; new_name = (*new_arg)->value.str.val; - if (PG(safe_mode) &&(!php_checkuid(old_name, NULL, 2))) { + if (PG(safe_mode) &&(!php_checkuid(old_name, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } ret = V_RENAME(old_name, new_name); @@ -1533,7 +1533,7 @@ PHP_FUNCTION(unlink) } convert_to_string_ex(filename); - if (PG(safe_mode) && !php_checkuid((*filename)->value.str.val, NULL, 2)) { + if (PG(safe_mode) && !php_checkuid((*filename)->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { RETURN_FALSE; } @@ -1639,7 +1639,7 @@ PHP_FUNCTION(copy) convert_to_string_ex(source); convert_to_string_ex(target); - if (PG(safe_mode) &&(!php_checkuid((*source)->value.str.val, NULL, 2))) { + if (PG(safe_mode) &&(!php_checkuid((*source)->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c index fa70990154..e845f4872e 100644 --- a/ext/standard/filestat.c +++ b/ext/standard/filestat.c @@ -252,7 +252,7 @@ PHP_FUNCTION(chgrp) gid = (*group)->value.lval; } - if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, 1))) { + if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { RETURN_FALSE; } @@ -300,7 +300,7 @@ PHP_FUNCTION(chown) uid = (*user)->value.lval; } - if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, 1))) { + if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { RETURN_FALSE; } @@ -334,7 +334,7 @@ PHP_FUNCTION(chmod) convert_to_string_ex(filename); convert_to_long_ex(mode); - if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, 1))) { + if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS))) { RETURN_FALSE; } @@ -397,7 +397,7 @@ PHP_FUNCTION(touch) } convert_to_string_ex(filename); - if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, 2))) { + if (PG(safe_mode) &&(!php_checkuid((*filename)->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { if (newtime) efree(newtime); RETURN_FALSE; } diff --git a/ext/standard/link.c b/ext/standard/link.c index f7dd9a1aeb..b5af9ca65d 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -110,7 +110,7 @@ PHP_FUNCTION(symlink) convert_to_string_ex(topath); convert_to_string_ex(frompath); - if (PG(safe_mode) && !php_checkuid((*topath)->value.str.val, NULL, 2)) { + if (PG(safe_mode) && !php_checkuid((*topath)->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { RETURN_FALSE; } if (!strncasecmp((*topath)->value.str.val,"http://",7) || !strncasecmp((*topath)->value.str.val,"ftp://",6)) { @@ -141,7 +141,7 @@ PHP_FUNCTION(link) convert_to_string_ex(topath); convert_to_string_ex(frompath); - if (PG(safe_mode) && !php_checkuid((*topath)->value.str.val, NULL, 2)) { + if (PG(safe_mode) && !php_checkuid((*topath)->value.str.val, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { RETURN_FALSE; } if (!strncasecmp((*topath)->value.str.val,"http://",7) || !strncasecmp((*topath)->value.str.val,"ftp://",6)) { diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index c0d6609ce5..032eac346b 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -373,14 +373,14 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char ** /* Absolute & relative path open */ if ((*filename == '.') || (IS_ABSOLUTE_PATH(filename, filename_length))) { - if (PG(safe_mode) && (!php_checkuid(filename, mode, 0))) { + if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { return NULL; } return php_fopen_and_set_opened_path(filename, mode, opened_path); } if (!path || (path && !*path)) { - if (PG(safe_mode) && (!php_checkuid(filename, mode, 0))) { + if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { return NULL; } return php_fopen_and_set_opened_path(filename, mode, opened_path); @@ -401,7 +401,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char ** } snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); if (PG(safe_mode)) { - if (V_STAT(trypath, &sb) == 0 && (!php_checkuid(trypath, mode, 0))) { + if (V_STAT(trypath, &sb) == 0 && (!php_checkuid(trypath, mode, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { efree(pathbuf); return NULL; } @@ -464,7 +464,7 @@ static FILE *php_fopen_url_wrapper(const char *path, char *mode, int options, in if (options & USE_PATH) { fp = php_fopen_with_path((char *) path, mode, PG(include_path), opened_path); } else { - if (options & ENFORCE_SAFE_MODE && PG(safe_mode) && (!php_checkuid(path, mode, 0))) { + if (options & ENFORCE_SAFE_MODE && PG(safe_mode) && (!php_checkuid(path, mode, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { fp = NULL; } else { fp = php_fopen_and_set_opened_path(path, mode, opened_path); |