diff options
author | Pierre Joye <pajoye@php.net> | 2007-03-14 11:32:25 +0000 |
---|---|---|
committer | Pierre Joye <pajoye@php.net> | 2007-03-14 11:32:25 +0000 |
commit | b40b5b53051466cee7711c36a2066670372e00d6 (patch) | |
tree | 82388e4dc0bc5a2ef55bcff09d2b6d1dc39b66b2 /ext/zip | |
parent | 1c0b8e6f15e416f011263f2d20b5c0281de9fafc (diff) | |
download | php-git-b40b5b53051466cee7711c36a2066670372e00d6.tar.gz |
- MFH: Fixed possible relative path issues in zip_open in TS mode (old API)
Diffstat (limited to 'ext/zip')
-rw-r--r-- | ext/zip/php_zip.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index e618d8b9e7..88e5e88e12 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -616,16 +616,27 @@ static PHP_FUNCTION(zip_open) { char *filename; int filename_len; + char resolved_path[MAXPATHLEN + 1]; zip_rsrc *rsrc_int; int err = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &filename, &filename_len) == FAILURE) { return; } + + if (filename_len == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Empty string as source"); + RETURN_FALSE; + } + if (OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } + if(!expand_filepath(filename, resolved_path TSRMLS_CC)) { + RETURN_FALSE; + } + rsrc_int = (zip_rsrc *)emalloc(sizeof(zip_rsrc)); rsrc_int->za = zip_open(filename, 0, &err); |