MFH: Additional open_basedir/safe_mode checks.

author: Ilia Alshanetsky <iliaa@php.net> 2005-10-31 23:47:24 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2005-10-31 23:47:24 +0000
commit: 237bcf0da7cbaec8246989a641a14d8fc3051857 (patch)
tree: c8a298f33b789ce063c8ddf8d9a24d2b0cd22a93
parent: 8c49a72ecc0394dbd40204f158c8645a36ada5f1 (diff)
download: php-git-237bcf0da7cbaec8246989a641a14d8fc3051857.tar.gz
2 files changed, 2 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 3e47cad45d..1f9b5d03aa 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2006, Version 4.4.2
+- Missing safe_mode/open_basedir check in cURL extension. (Ilia)
 - Fixed bug #34996 (ImageTrueColorToPalette() crashes when ncolors is 
   zero). (Tony)
 
diff --git a/ext/curl/curl.c b/ext/curl/curl.c
index 79cf4433f5..b2b28a3b8d 100644
--- a/ext/curl/curl.c
+++ b/ext/curl/curl.c
@@ -76,7 +76,7 @@ static void _php_curl_close(zend_rsrc_list_entry *rsrc TSRMLS_DC);
 			RETURN_FALSE; 																		\
 		} 																						\
 																								\
-		if (tmp_url->query || php_check_open_basedir(tmp_url->path TSRMLS_CC) || 									\
+		if (tmp_url->query || tmp_url->fragment || php_check_open_basedir(tmp_url->path TSRMLS_CC) || 									\
 			(PG(safe_mode) && !php_checkuid(tmp_url->path, "rb+", CHECKUID_CHECK_MODE_PARAM))	\
 		) { 																					\
 			php_url_free(tmp_url); 																\
author	Ilia Alshanetsky <iliaa@php.net>	2005-10-31 23:47:24 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2005-10-31 23:47:24 +0000
commit	237bcf0da7cbaec8246989a641a14d8fc3051857 (patch)
tree	c8a298f33b789ce063c8ddf8d9a24d2b0cd22a93
parent	8c49a72ecc0394dbd40204f158c8645a36ada5f1 (diff)
download	php-git-237bcf0da7cbaec8246989a641a14d8fc3051857.tar.gz