- rename SAFEMODE_CHECKFILE to OPENBASEDIR_CHECKPATH (can be used without

  confusing in head without confusion)
- Add safemode and open basedir checks in zip:// wrapper (revert Ilia's
  patch). Bug found by Stefan Esser in his MOPB-20-2007

3 files changed, 17 insertions, 11 deletions

diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 745bcf6082..e618d8b9e7 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -49,11 +49,6 @@ static int le_zip_entry;
 #define le_zip_entry_name "Zip Entry"
 /* }}} */
 
-/* {{{ SAFEMODE_CHECKFILE(filename) */
-#define SAFEMODE_CHECKFILE(filename) \
-	(PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
-/* }}} */
-
 /* {{{ PHP_ZIP_STAT_INDEX(za, index, flags, sb) */
 #define PHP_ZIP_STAT_INDEX(za, index, flags, sb) \
 	if (zip_stat_index(za, index, flags, &sb) != 0) { \
@@ -127,7 +122,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 
 		php_basename(file, file_len, NULL, 0, &file_basename, (unsigned int *)&file_basename_len TSRMLS_CC);
 
-		if (SAFEMODE_CHECKFILE(file_dirname_fullpath)) {
+		if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) {
 			efree(file_dirname_fullpath);
 			efree(file_basename);
 			return 0;
@@ -164,7 +159,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 	 * is required, does a file can have a different
 	 * safemode status as its parent folder?
 	 */
-	if (SAFEMODE_CHECKFILE(fullpath)) {
+	if (OPENBASEDIR_CHECKPATH(fullpath)) {
 		efree(file_dirname_fullpath);
 		efree(file_basename);
 		return 0;
@@ -627,7 +622,7 @@ static PHP_FUNCTION(zip_open)
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &filename, &filename_len) == FAILURE) {
 		return;
 	}
-	if (SAFEMODE_CHECKFILE(filename)) {
+	if (OPENBASEDIR_CHECKPATH(filename)) {
 		RETURN_FALSE;
 	}
 
@@ -1032,7 +1027,7 @@ static ZIPARCHIVE_METHOD(addFile)
 		entry_name_len = filename_len;
 	}
 
-	if (SAFEMODE_CHECKFILE(filename)) {
+	if (OPENBASEDIR_CHECKPATH(filename)) {
 		RETURN_FALSE;
 	}
 
diff --git a/ext/zip/php_zip.h b/ext/zip/php_zip.h
index cbfc9b9502..f194151941 100644
--- a/ext/zip/php_zip.h
+++ b/ext/zip/php_zip.h
@@ -30,6 +30,16 @@ extern zend_module_entry zip_module_entry;
 
 #include "lib/zip.h"
 
+/* {{{ OPENBASEDIR_CHECKPATH(filename) */
+#if (PHP_MAJOR_VERSION < 6)
+#define OPENBASEDIR_CHECKPATH(filename) \
+	(PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
+#else 
+#define OPENBASEDIR_CHECKPATH(filename) \
+	php_check_open_basedir(filename TSRMLS_CC)
+#endif
+/* }}} */
+
 typedef struct _ze_zip_rsrc {
 	struct zip *za;
 	int index_current;
diff --git a/ext/zip/zip_stream.c b/ext/zip/zip_stream.c
index d4b511cc09..1f305509ea 100644
--- a/ext/zip/zip_stream.c
+++ b/ext/zip/zip_stream.c
@@ -12,6 +12,7 @@
 #include "ext/standard/file.h"
 #include "ext/standard/php_string.h"
 #include "fopen_wrappers.h"
+#include "php_zip.h"
 
 #include "ext/standard/url.h"
 
@@ -112,7 +113,7 @@ php_stream *php_stream_zip_open(char *filename, char *path, char *mode STREAMS_D
 	}
 
 	if (filename) {
-		if ((PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)) {
+		if (OPENBASEDIR_CHECKPATH(filename)) {
 			return NULL;
 		}
 
@@ -193,7 +194,7 @@ php_stream *php_stream_zip_opener(php_stream_wrapper *wrapper,
 	php_basename(path, path_len - fragment_len, NULL, 0, &file_basename, &file_basename_len TSRMLS_CC);
 	fragment++;
 
-	if ((PG(safe_mode) && (!php_checkuid(file_dirname, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file_dirname TSRMLS_CC)) {
+	if (OPENBASEDIR_CHECKPATH(file_dirname)) {
 		efree(file_basename);
 		return NULL;
 	}