authorZeev Suraski <zeev@php.net>2000-09-09 11:41:14 +0000
committerZeev Suraski <zeev@php.net>2000-09-09 11:41:14 +0000
commit6c4cb4c0791fa3a0c115789b4d22ecf675438ecb (patch)
tree16824bbb4494c464525b9c963937d112a5e0ad8d /ext/swf
parent20fe0a568501bc8ec52f78cc3bf9a7c105e92b35 (diff)
Security related updates:
- Introduce php_open_temporary_file(), in place of tempnam(). Still needs testing under UNIX (mkstemp()), works reliably under Windows now. - Reimplement the mechanism for unlinking uploaded files at the end of the request (was it ever tested?). Files moved with move_uploaded_file() will not be unlink()'d again, to avoid (albeit very unlikely) race conditions.
Diffstat (limited to 'ext/swf')
-rw-r--r--ext/swf/swf.c21
1 files changed, 18 insertions, 3 deletions
diff --git a/ext/swf/swf.c b/ext/swf/swf.c
index 189d21debf..6c7f2a3157 100644
--- a/ext/swf/swf.c
+++ b/ext/swf/swf.c
@@ -164,6 +164,7 @@ PHP_FUNCTION(swf_openfile)
{
zval **name, **sizeX, **sizeY, **frameRate, **r, **g, **b;
char *na, *tmpna;
+ zend_bool free_na;
SWFLS_FETCH();
if (ZEND_NUM_ARGS() != 7 ||
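Review bot: `free_na` is declared without an initializer and is only assigned inside the `php://stdout` branch, so on the `else` path (`na = tmpna;`) it is indeterminate. The `#ifdef VIRTUAL_DIR` block in the third hunk then tests `if (free_na)` on both its failure and success paths and may call `efree(na)` on the caller's argument string, which this function does not own. Initialising at the declaration, `zend_bool free_na = 0;`, closes this and makes the `free_na = 0;` before `RETURN_FALSE` unnecessary. The function body continues outside this hunk.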
@@ -183,9 +184,16 @@ PHP_FUNCTION(swf_openfile)
tmpna = Z_STRVAL_PP(name);
if (strcasecmp("php://stdout", tmpna) == 0) {
- na = tempnam(NULL, "php_swf_stdout");
+ FILE *fp;
+
+ fp = php_open_temporary_file(NULL, "php_swf_stdout", &na);
+ if (!fp) {
+ free_na = 0;
+ RETURN_FALSE;
+ }
unlink((const char *)na);
-
+ fclose(fp);
+ free_na = 1;
SWFG(use_file) = 0;
} else {
na = tmpna;
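Review bot: The file that `php_open_temporary_file()` creates is removed and closed straight away (`unlink((const char *)na);` then `fclose(fp);`), so only its name survives. That name is later stored in `SWFG(tmpfile_name)` (third hunk), and whatever opens it by path afterwards re-creates the file; the open is not visible here, so this is inferred. If so, the interval between `unlink()` and that later open is the same name-reuse window `tempnam()` had, and the safe creation buys little. If the consumer can open an existing file, consider leaving the file in place and unlinking it once output is finished; otherwise a comment such as `/* name only: file is re-created by path later, not race-free */` would record the limitation.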
@@ -193,9 +201,16 @@ PHP_FUNCTION(swf_openfile)
}
#ifdef VIRTUAL_DIR
- if (virtual_filepath(na, &na)) {
+ if (virtual_filepath(na, &tmpna)) {
+ if (free_na) {
+ efree(na);
+ }
return;
}
+ if (free_na) {
+ efree(na);
+ }
+ na = tmpna;
#endif
if (!SWFG(use_file))
SWFG(tmpfile_name) = na;