authorIlia Alshanetsky <iliaa@php.net>2006-10-01 20:58:02 +0000
committerIlia Alshanetsky <iliaa@php.net>2006-10-01 20:58:02 +0000
commit154f70acf1560bd6633cf7cce1efe1528f35c36f (patch)
tree4abb0943e8f958b3a4ca0f97235213b299f92cd5
parentbd088df90cee4bd6d81067acc32bc9cae3416897 (diff)
downloadphp-git-154f70acf1560bd6633cf7cce1efe1528f35c36f.tar.gz
Fixed bug #38993 (Fixed safe_mode/open_basedir checks for
session.save_path, allowing them to account for extra parameters).
-rw-r--r--NEWS2
-rw-r--r--ext/session/session.c12
-rw-r--r--ext/standard/basic_functions.c1
3 files changed, 12 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index f774d37bf1..a48a14a18f 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,8 @@ PHP NEWS
- Fixed mess with CGI/CLI -d option (now it works with cgi; constants are
working exactly like in php.ini; with FastCGI -d affects all requests).
(Dmitry)
+- Fixed bug #38993 (Fixed safe_mode/open_basedir checks for
+ session.save_path, allowing them to account for extra parameters). (Ilia)
- Fixed bug #38981 (using FTP URLs in get_headers() causes crash). (Tony)
- Fixed bug #38961 (metaphone() results in segmentation fault on NetBSD).
(Tony)
diff --git a/ext/session/session.c b/ext/session/session.c
index 3078cff9fc..1d6f991b14 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -154,11 +154,19 @@ static PHP_INI_MH(OnUpdateSaveDir)
{
/* Only do the safemode/open_basedir check at runtime */
if (stage == PHP_INI_STAGE_RUNTIME) {
- if (PG(safe_mode) && (!php_checkuid(new_value, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+ char *p;
+
+ if ((p = zend_memrchr(new_value, ';', new_value_length))) {
+ p++;
+ } else {
+ p = new_value;
+ }
+
+ if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
return FAILURE;
}
- if (php_check_open_basedir(new_value TSRMLS_CC)) {
+ if (php_check_open_basedir(p TSRMLS_CC)) {
return FAILURE;
}
}
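Review bot: The last `;` is found with the length-aware `zend_memrchr(new_value, ';', new_value_length)`, but `p` is then handed to `php_checkuid()` and `php_check_open_basedir()` as a NUL-terminated string, so for a value with an embedded NUL byte the path checked here can differ from the one a C-string parser of the same setting would select. Because this commit also drops `session.save_path` from the `_CHECK_PATH` list in `ini_set`, this handler appears to be the only remaining safe_mode/open_basedir gate for the setting. I would reject such values before the search, e.g. `if (memchr(new_value, '\0', new_value_length) != NULL) { return FAILURE; }`, and confirm that the save handler splits the value on the same `;` as this code (its parsing is not visible in this hunk). A comment above the search such as `/* save_path may be "N;MODE;/path"; only the trailing path component is checked */` would document the intent. The body of OnUpdateSaveDir continues past the end of the hunk.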
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 7beb9deb92..78bfea7ed9 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -5622,7 +5622,6 @@ PHP_FUNCTION(ini_set)
_CHECK_PATH(varname, "java.class.path") ||
_CHECK_PATH(varname, "java.home") ||
_CHECK_PATH(varname, "java.library.path") ||
- _CHECK_PATH(varname, "session.save_path") ||
_CHECK_PATH(varname, "vpopmail.directory")) {
if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(new_value), NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
zval_dtor(return_value);