diff options
| author | Christoph M. Becker <cmbecker69@gmx.de> | 2020-06-30 10:47:49 +0200 |
|---|---|---|
| committer | Christoph M. Becker <cmbecker69@gmx.de> | 2020-06-30 10:48:07 +0200 |
| commit | 993b19ae69281139b50ea53fd3320484712a44ed (patch) | |
| tree | acad4b5934aaab973035e30c65d570078a30759c | |
| parent | 4af69b84779c1e13e0d98a8eac18a81c0d61f283 (diff) | |
| parent | 7f3bc64287588f6a838d1a9524624deba1e5e153 (diff) | |
| download | php-git-993b19ae69281139b50ea53fd3320484712a44ed.tar.gz | |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Fix #70362: Can't copy() large 'data://' with open_basedir
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | ext/standard/file.c | 2 | ||||
| -rw-r--r-- | ext/standard/tests/streams/bug70362.phpt | 15 |
3 files changed, 19 insertions, 1 deletions
@@ -25,6 +25,9 @@ PHP NEWS . Fixed bug #69804 ()::getStaticPropertyValue() throws on protected props). (cmb, Nikita) +- Standard: + . Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). (cmb) + ?? ??? 2020, PHP 7.4.8 - Core: diff --git a/ext/standard/file.c b/ext/standard/file.c index 12effbdb29..a68db967f1 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -1662,7 +1662,7 @@ PHP_FUNCTION(copy) Z_PARAM_RESOURCE_EX(zcontext, 1, 0) ZEND_PARSE_PARAMETERS_END(); - if (php_check_open_basedir(source)) { + if (php_stream_locate_url_wrapper(source, NULL, 0) == &php_plain_files_wrapper && php_check_open_basedir(source)) { RETURN_FALSE; } diff --git a/ext/standard/tests/streams/bug70362.phpt b/ext/standard/tests/streams/bug70362.phpt new file mode 100644 index 0000000000..3fbc3fea16 --- /dev/null +++ b/ext/standard/tests/streams/bug70362.phpt @@ -0,0 +1,15 @@ +--TEST-- +Bug #70362 (Can't copy() large 'data://' with open_basedir) +--INI-- +open_basedir=. +--FILE-- +<?php +$temp = tempnam(__DIR__, 'test'); +$data = str_repeat('0', 4096); +$data = 'data://plain/text;base64,' . base64_encode($data); +var_dump(copy($data, $temp)); +echo file_get_contents($temp); +?> +--EXPECT-- +bool(true) +0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |