Added missing safe_mode checks.

author: Ilia Alshanetsky <iliaa@php.net> 2003-04-18 00:20:22 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2003-04-18 00:20:22 +0000
commit: 7f94983ee05a17ff1739efeb603df3bcfb746b91 (patch)
tree: 40a3de33511b19811a66001cee52ce42e9257759 /ext/domxml/php_domxml.c
parent: 19ef914bb4b9338db8522ff0361bb051b310dc06 (diff)
download: php-git-7f94983ee05a17ff1739efeb603df3bcfb746b91.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/ext/domxml/php_domxml.c b/ext/domxml/php_domxml.c
index 42e0856513..8d18cbea6c 100644
--- a/ext/domxml/php_domxml.c
+++ b/ext/domxml/php_domxml.c
@@ -3944,6 +3944,10 @@ PHP_FUNCTION(domxml_dump_mem_file)
 
 	DOMXML_PARAM_FOUR(docp, id, le_domxmldocp, "s|ll", &file, &file_len, &compressmode, &format);
 
+	if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
 	xmlSetCompressMode(compressmode);
 
 	if (format) {
@@ -5615,6 +5619,9 @@ PHP_FUNCTION(domxml_xslt_result_dump_file)
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "os|l", &idxml, &filename, &filename_len, &compression) == FAILURE) {
 		RETURN_FALSE;
 	}
+	if ((PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
 
 	DOMXML_GET_OBJ(xmldocp, idxml, le_domxmldocp);
author	Ilia Alshanetsky <iliaa@php.net>	2003-04-18 00:20:22 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2003-04-18 00:20:22 +0000
commit	7f94983ee05a17ff1739efeb603df3bcfb746b91 (patch)
tree	40a3de33511b19811a66001cee52ce42e9257759 /ext/domxml/php_domxml.c
parent	19ef914bb4b9338db8522ff0361bb051b310dc06 (diff)
download	php-git-7f94983ee05a17ff1739efeb603df3bcfb746b91.tar.gz