diff options
| author | Jani Taskinen <jani@php.net> | 2007-08-22 14:59:45 +0000 |
|---|---|---|
| committer | Jani Taskinen <jani@php.net> | 2007-08-22 14:59:45 +0000 |
| commit | 8ab99847073dd11a46fec83ac16dfd845b1e40df (patch) | |
| tree | 86b0f37dc311a669d638850822fed598c674f38f | |
| parent | 8a61fc9b6e4961c3a2d92b3b856104dd32781f7d (diff) | |
| download | php-git-8ab99847073dd11a46fec83ac16dfd845b1e40df.tar.gz | |
MFH:- Fixed bug #42365 (glob() crashes with invalid flags)
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | ext/standard/dir.c | 38 |
2 files changed, 34 insertions, 5 deletions
@@ -1,6 +1,7 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Aug 2007, PHP 5.2.4 +- Fixed bug #42365 (glob() crashes and/or accepts way too many flags). (Jani) - Fixed bug #42183 (classmap cause crashr in non-wsdl mode). (Dmitry) - Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, in the same way as "instanceof" operator). (Dmitry) diff --git a/ext/standard/dir.c b/ext/standard/dir.c index b7c8175bec..d78bc615f2 100644 --- a/ext/standard/dir.c +++ b/ext/standard/dir.c @@ -141,34 +141,56 @@ PHP_MINIT_FUNCTION(dir) REGISTER_STRING_CONSTANT("PATH_SEPARATOR", pathsep_str, CONST_CS|CONST_PERSISTENT); #ifdef HAVE_GLOB + #ifdef GLOB_BRACE REGISTER_LONG_CONSTANT("GLOB_BRACE", GLOB_BRACE, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_BRACE 0 #endif + #ifdef GLOB_MARK REGISTER_LONG_CONSTANT("GLOB_MARK", GLOB_MARK, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_MARK 0 #endif + #ifdef GLOB_NOSORT REGISTER_LONG_CONSTANT("GLOB_NOSORT", GLOB_NOSORT, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_NOSORT 0 #endif + #ifdef GLOB_NOCHECK REGISTER_LONG_CONSTANT("GLOB_NOCHECK", GLOB_NOCHECK, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_NOCHECK 0 #endif + #ifdef GLOB_NOESCAPE REGISTER_LONG_CONSTANT("GLOB_NOESCAPE", GLOB_NOESCAPE, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_NOESCAPE 0 #endif + #ifdef GLOB_ERR REGISTER_LONG_CONSTANT("GLOB_ERR", GLOB_ERR, CONST_CS | CONST_PERSISTENT); +#else +# define GLOB_ERR 0 #endif #ifndef GLOB_ONLYDIR -#define GLOB_ONLYDIR (1<<30) -#define GLOB_EMULATE_ONLYDIR -#define GLOB_FLAGMASK (~GLOB_ONLYDIR) +# define GLOB_ONLYDIR (1<<30) +# define GLOB_EMULATE_ONLYDIR +# define GLOB_FLAGMASK (~GLOB_ONLYDIR) #else -#define GLOB_FLAGMASK (~0) +# define GLOB_FLAGMASK (~0) #endif +/* This is used for checking validity of passed flags (passing invalid flags causes segfault in glob()!! */ +#define GLOB_AVAILABLE_FLAGS (0 | GLOB_BRACE | GLOB_MARK | GLOB_NOSORT | GLOB_NOCHECK | GLOB_NOESCAPE | GLOB_ERR | GLOB_ONLYDIR) + REGISTER_LONG_CONSTANT("GLOB_ONLYDIR", GLOB_ONLYDIR, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("GLOB_AVAILABLE_FLAGS", GLOB_AVAILABLE_FLAGS, CONST_CS | CONST_PERSISTENT); #endif /* HAVE_GLOB */ @@ -375,8 +397,14 @@ PHP_FUNCTION(glob) int n; int ret; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &pattern, &pattern_len, &flags) == FAILURE) + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &pattern, &pattern_len, &flags) == FAILURE) { return; + } + + if ((GLOB_AVAILABLE_FLAGS & flags) != flags) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "At least one of the passed flags is invalid or not supported on this platform"); + RETURN_FALSE; + } #ifdef ZTS if (!IS_ABSOLUTE_PATH(pattern, pattern_len)) { |