Fixed safe_mode check for source argument of the copy() function.

author: Ilia Alshanetsky <iliaa@php.net> 2006-04-06 02:39:55 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2006-04-06 02:39:55 +0000
commit: 8f7319a49fcf654bac56f022e7898b2b20a54626 (patch)
tree: a4e3bbb90ebc3f7a12fd3c97691b4d57fcf43ac0
parent: 40e25b5ad7b918dbda3fa24f68e674a36a6c83df (diff)
download: php-git-8f7319a49fcf654bac56f022e7898b2b20a54626.tar.gz
2 files changed, 2 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 48d111fe43..bb7dadcd7f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 30 Mar 2006, PHP 5.1.3RC2
+- Fixed safe_mode check for source argument of the copy() function. (Ilia)
 - Fixed mysqli bigint conversion under Windows (Georg)
 - Fixed XSS inside phpinfo() with long inputs. (Ilia)
 - Check 2nd parameter of tempnam() against path components. (Ilia)
diff --git a/ext/standard/file.c b/ext/standard/file.c
index 12816c75c5..bc5ee3d2c1 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -1767,7 +1767,7 @@ no_stat:
 	}
 safe_to_copy:
 
-	srcstream = php_stream_open_wrapper(src, "rb", STREAM_DISABLE_OPEN_BASEDIR | REPORT_ERRORS, NULL);
+	srcstream = php_stream_open_wrapper(src, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL);
 	
 	if (!srcstream) {
 		return ret;
author	Ilia Alshanetsky <iliaa@php.net>	2006-04-06 02:39:55 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2006-04-06 02:39:55 +0000
commit	8f7319a49fcf654bac56f022e7898b2b20a54626 (patch)
tree	a4e3bbb90ebc3f7a12fd3c97691b4d57fcf43ac0
parent	40e25b5ad7b918dbda3fa24f68e674a36a6c83df (diff)
download	php-git-8f7319a49fcf654bac56f022e7898b2b20a54626.tar.gz