diff options
| author | Ilia Alshanetsky <iliaa@php.net> | 2003-07-22 01:32:01 +0000 |
|---|---|---|
| committer | Ilia Alshanetsky <iliaa@php.net> | 2003-07-22 01:32:01 +0000 |
| commit | 1e92b5e7a36dbd8f1627328d87c51401632b5487 (patch) | |
| tree | f39c260beb913bfa09c2f11d615102ebc727ce79 /main | |
| parent | 5978734f30dbae9cd4557f414b26b54e6ab7e851 (diff) | |
| download | php-git-1e92b5e7a36dbd8f1627328d87c51401632b5487.tar.gz | |
Make php_check_safe_mode_include_dir check independent of unrelated
open_basedir directive and make it properly handle undefined/empty
safe_mode_include_dir directive when safe_mode is enabled.
Diffstat (limited to 'main')
| -rw-r--r-- | main/fopen_wrappers.c | 65 |
1 files changed, 32 insertions, 33 deletions
diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index 37ccaa6d4b..e12f0a992a 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -213,45 +213,44 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC) */ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC) { - /* Only check when safe_mode or open_basedir is on and safe_mode_include_dir is available */ - if (((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) && - PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) - { - char *pathbuf; - char *ptr; - char *end; - char resolved_name[MAXPATHLEN]; - - /* Resolve the real path into resolved_name */ - if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) - return -1; - - pathbuf = estrdup(PG(safe_mode_include_dir)); - - ptr = pathbuf; - - while (ptr && *ptr) { - end = strchr(ptr, DEFAULT_DIR_SEPARATOR); - if (end != NULL) { - *end = '\0'; - end++; - } + if (PG(safe_mode)) { + if (PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) { + char *pathbuf; + char *ptr; + char *end; + char resolved_name[MAXPATHLEN]; + + /* Resolve the real path into resolved_name */ + if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) + return -1; + + pathbuf = estrdup(PG(safe_mode_include_dir)); + + ptr = pathbuf; + + while (ptr && *ptr) { + end = strchr(ptr, DEFAULT_DIR_SEPARATOR); + if (end != NULL) { + *end = '\0'; + end++; + } - /* Check the path */ + /* Check the path */ #ifdef PHP_WIN32 - if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0) + if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0) #else - if (strncmp(ptr, resolved_name, strlen(ptr)) == 0) + if (strncmp(ptr, resolved_name, strlen(ptr)) == 0) #endif - { - /* File is in the right directory */ - efree(pathbuf); - return 0; - } + { + /* File is in the right directory */ + efree(pathbuf); + return 0; + } - ptr = end; + ptr = end; + } + efree(pathbuf); } - efree(pathbuf); return -1; } |