diff options
| author | Felipe Pena <felipe@php.net> | 2008-07-21 19:32:21 +0000 |
|---|---|---|
| committer | Felipe Pena <felipe@php.net> | 2008-07-21 19:32:21 +0000 |
| commit | dab8b811c28a1f9f45c7db717bf890dc9d9db97a (patch) | |
| tree | 3fc7f035d966da6d244666c246ed99aa3220d64a | |
| parent | e19f52047cb8b6683cce156a5e44d0fdac27dcb4 (diff) | |
| download | php-git-dab8b811c28a1f9f45c7db717bf890dc9d9db97a.tar.gz | |
- Fixed securities issue detailed in CVE-2008-2665 and CVE-2008-2666.
(patch by Christian Hoffmann)
| -rw-r--r-- | main/safe_mode.c | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/main/safe_mode.c b/main/safe_mode.c index b791351c3b..d9d1a4f02b 100644 --- a/main/safe_mode.c +++ b/main/safe_mode.c @@ -73,14 +73,6 @@ PHPAPI int php_checkuid_ex(const char *filename, const char *fopen_mode, int mod mode = CHECKUID_CHECK_FILE_AND_DIR; } } - - /* - * If given filepath is a URL, allow - safe mode stuff - * related to URL's is checked in individual functions - */ - wrapper = php_stream_locate_url_wrapper(filename, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC); - if (wrapper != NULL) - return 1; /* First we see if the file is owned by the same user... * If that fails, passthrough and check directory... |