diff options
author | Nikita Popov <nikita.ppv@gmail.com> | 2021-01-19 11:44:22 +0100 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2021-01-19 11:44:22 +0100 |
commit | 1bdd8f7ae43874876368d97dd89d88a517a2e80b (patch) | |
tree | c0c2151abde9b1a9a66e3dd0113f8fb90fadf878 /main | |
parent | f33105dcb6fb6f59801ebf122fd7223a41fa83aa (diff) | |
parent | 5d31ee302db073d5e99cf307315d2d631eaa34a5 (diff) | |
download | php-git-1bdd8f7ae43874876368d97dd89d88a517a2e80b.tar.gz |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fixed bug #42560
Diffstat (limited to 'main')
-rw-r--r-- | main/php_open_temporary_file.c | 10 | ||||
-rw-r--r-- | main/php_open_temporary_file.h | 10 | ||||
-rw-r--r-- | main/rfc1867.c | 2 |
3 files changed, 18 insertions, 4 deletions
diff --git a/main/php_open_temporary_file.c b/main/php_open_temporary_file.c index a65b91e84e..761eb3a67f 100644 --- a/main/php_open_temporary_file.c +++ b/main/php_open_temporary_file.c @@ -299,13 +299,19 @@ PHPAPI int php_open_temporary_fd_ex(const char *dir, const char *pfx, zend_strin def_tmp: temp_dir = php_get_temporary_directory(); - if (temp_dir && *temp_dir != '\0' && (!(flags & PHP_TMP_FILE_OPEN_BASEDIR_CHECK) || !php_check_open_basedir(temp_dir))) { + if (temp_dir && + *temp_dir != '\0' && + (!(flags & PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_FALLBACK) || !php_check_open_basedir(temp_dir))) { return php_do_open_temporary_file(temp_dir, pfx, opened_path_p); } else { return -1; } } + if ((flags & PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_EXPLICIT_DIR) && php_check_open_basedir(dir)) { + return -1; + } + /* Try the directory given as parameter. */ fd = php_do_open_temporary_file(dir, pfx, opened_path_p); if (fd == -1) { @@ -320,7 +326,7 @@ def_tmp: PHPAPI int php_open_temporary_fd(const char *dir, const char *pfx, zend_string **opened_path_p) { - return php_open_temporary_fd_ex(dir, pfx, opened_path_p, 0); + return php_open_temporary_fd_ex(dir, pfx, opened_path_p, PHP_TMP_FILE_DEFAULT); } PHPAPI FILE *php_open_temporary_file(const char *dir, const char *pfx, zend_string **opened_path_p) diff --git a/main/php_open_temporary_file.h b/main/php_open_temporary_file.h index deb8e240e5..41056a2756 100644 --- a/main/php_open_temporary_file.h +++ b/main/php_open_temporary_file.h @@ -17,8 +17,16 @@ #ifndef PHP_OPEN_TEMPORARY_FILE_H #define PHP_OPEN_TEMPORARY_FILE_H -#define PHP_TMP_FILE_OPEN_BASEDIR_CHECK (1<<0) +#define PHP_TMP_FILE_DEFAULT 0 +#define PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_FALLBACK (1<<0) #define PHP_TMP_FILE_SILENT (1<<1) +#define PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_EXPLICIT_DIR (1<<2) +#define PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ALWAYS \ + (PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_FALLBACK | PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_EXPLICIT_DIR) + +/* for compatibility purpose */ +#define PHP_TMP_FILE_OPEN_BASEDIR_CHECK PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_FALLBACK + BEGIN_EXTERN_C() PHPAPI FILE *php_open_temporary_file(const char *dir, const char *pfx, zend_string **opened_path_p); diff --git a/main/rfc1867.c b/main/rfc1867.c index 8ef83f443d..c2f606c64a 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -998,7 +998,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ /* in non-debug mode we have no problem with 0-length files */ { #endif - fd = php_open_temporary_fd_ex(PG(upload_tmp_dir), "php", &temp_filename, 1); + fd = php_open_temporary_fd_ex(PG(upload_tmp_dir), "php", &temp_filename, PHP_TMP_FILE_OPEN_BASEDIR_CHECK_ON_FALLBACK); upload_cnt--; if (fd == -1) { sapi_module.sapi_error(E_WARNING, "File upload error - unable to create a temporary file"); |