author | Ilia Alshanetsky <iliaa@php.net> | 2006-09-16 18:10:32 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2006-09-16 18:10:32 +0000 |
commit | 4c65e0e1cd4c4907b203c8dedaab726e162292db (patch) | |
tree | 5395c306a9ac707a3bdac936a8e87e24704cb005 /ext/sqlite/sqlite.c | |
parent | bfc9cd7174155368c11e94f45c6e32e0e7ddb677 (diff) | |
download | php-git-4c65e0e1cd4c4907b203c8dedaab726e162292db.tar.gz |
Added missing validation checks around expand_filepath()
Diffstat (limited to 'ext/sqlite/sqlite.c')
-rw-r--r-- | ext/sqlite/sqlite.c | 25 |
1 files changed, 10 insertions, 15 deletions
diff --git a/ext/sqlite/sqlite.c b/ext/sqlite/sqlite.c
index c499fa530c..b7a9483342 100644
--- a/ext/sqlite/sqlite.c
+++ b/ext/sqlite/sqlite.c
@@ -1237,13 +1237,13 @@ PHP_FUNCTION(sqlite_popen)
 if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
 /* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 RETURN_FALSE;
 }
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
+ efree(fullpath);
 RETURN_FALSE;
 }
 } else {
@@ -1313,11 +1313,8 @@ PHP_FUNCTION(sqlite_open)
 if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
 /* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 php_std_error_handling();
- efree(fullpath);
 if (object) {
 RETURN_NULL();
 } else {
@@ -1325,7 +1322,8 @@ PHP_FUNCTION(sqlite_open)
 }
 }
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
 php_std_error_handling();
 efree(fullpath);
 if (object) {
@@ -1334,7 +1332,6 @@ PHP_FUNCTION(sqlite_open)
 RETURN_FALSE;
 }
 }
-
 }
 php_sqlite_open(fullpath ? fullpath : filename, (int)mode, NULL, return_value, errmsg, object TSRMLS_CC);
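Review bot: The `:memory:` test that guards the new checks in sqlite_popen is a prefix comparison, `strncmp(filename, ":memory:", sizeof(":memory:") - 1)`, so any name that merely begins with `:memory:` takes the else branch and never reaches expand_filepath(), the safe_mode check or php_check_open_basedir(). The same guard appears in the sqlite_open and sqlite_factory hunks, and in sqlite_open the later call `php_sqlite_open(fullpath ? fullpath : filename, ...)` then receives the unvalidated name. Comparing the whole string, `if (strcmp(filename, ":memory:")) {`, would keep the restrictions in force for every name except the in-memory database itself. What the else branch of sqlite_popen does with the name lies outside the hunk, so that path should be confirmed as well.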
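Review bot: When expand_filepath() returns NULL in sqlite_open, the new branch returns NULL or FALSE without raising any diagnostic, so a caller or an operator reading the logs cannot tell an unresolvable path from any other failure. If the object form depends on a raised error to signal failure (that setup is outside the hunk), it would also fail silently. Consider emitting a warning before `php_std_error_handling();`, for example `php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to resolve database path");` with wording of your choice. The same applies to the new NULL branches in the sqlite_popen and sqlite_factory hunks.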
@@ -1368,15 +1365,13 @@ PHP_FUNCTION(sqlite_factory)
 if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
 /* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
- efree(fullpath);
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 php_std_error_handling();
 RETURN_NULL();
 }
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
 efree(fullpath);
 php_std_error_handling();
 RETURN_NULL(); |
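Review bot: The two failure branches in sqlite_factory now differ in cleanup and nothing says why: the first returns without `efree(fullpath)` while the second frees it. A short comment on the first branch, such as `/* expand_filepath() failed, fullpath is NULL: nothing to free */`, would stop a later reader from restoring the free; the matching branch in the sqlite_open hunk would benefit from the same comment. The retained comment about using the path "as the hash key" could also say that the resolved path is what gets validated against safe_mode and open_basedir.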