diff options
| -rw-r--r-- | main/fopen_wrappers.c | 75 | ||||
| -rw-r--r-- | main/fopen_wrappers.h | 2 | ||||
| -rw-r--r-- | main/streams/plain_wrapper.c | 20 |
3 files changed, 3 insertions, 94 deletions
diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index 992e846e57..5f99096a92 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -187,55 +187,6 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC) } /* }}} */ -/* {{{ php_check_safe_mode_include_dir - */ -PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC) -{ - if (PG(safe_mode)) { - if (PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) { - char *pathbuf; - char *ptr; - char *end; - char resolved_name[MAXPATHLEN]; - - /* Resolve the real path into resolved_name */ - if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) - return -1; - - pathbuf = estrdup(PG(safe_mode_include_dir)); - - ptr = pathbuf; - - while (ptr && *ptr) { - end = strchr(ptr, DEFAULT_DIR_SEPARATOR); - if (end != NULL) { - *end = '\0'; - end++; - } - - /* Check the path */ -#ifdef PHP_WIN32 - if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0) -#else - if (strncmp(ptr, resolved_name, strlen(ptr)) == 0) -#endif - { - /* File is in the right directory */ - efree(pathbuf); - return 0; - } - - ptr = end; - } - efree(pathbuf); - } - return -1; - } - - /* Nothing to check... */ - return 0; -} -/* }}} */ /* {{{ php_fopen_and_set_opened_path */ @@ -388,15 +339,8 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char ** */ /* Absolute path open */ - if (IS_ABSOLUTE_PATH(filename, filename_length)) { - if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0) - /* filename is in safe_mode_include_dir (or subdir) */ - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - } - - if (!path || (path && !*path)) { + /* FIXME: Andi - Do we actually need the if()? */ + if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) { return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } @@ -434,20 +378,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char ** end++; } snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); - if (PG(safe_mode)) { - if (VCWD_STAT(trypath, &sb) == 0) { - /* file exists ... check permission */ - if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) || - php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)) - /* UID ok, or trypath is in safe_mode_include_dir */ - fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); - else - fp = NULL; - - efree(pathbuf); - return fp; - } - } + fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); if (fp) { efree(pathbuf); diff --git a/main/fopen_wrappers.h b/main/fopen_wrappers.h index d67d8bace0..020365470d 100644 --- a/main/fopen_wrappers.h +++ b/main/fopen_wrappers.h @@ -31,8 +31,6 @@ PHPAPI int php_check_open_basedir(const char *path TSRMLS_DC); PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC); PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC); -PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC); - PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **opened_path TSRMLS_DC); PHPAPI int php_is_url(char *path); diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 12c708f11b..beb65d5ca1 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -1210,10 +1210,6 @@ not_relative_path: return NULL; } - if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0) - /* filename is in safe_mode_include_dir (or subdir) */ - return php_stream_fopen_rel(filename, mode, opened_path, options); - return php_stream_fopen_rel(filename, mode, opened_path, options); } @@ -1232,9 +1228,6 @@ not_relative_path: if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) { return NULL; } - if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC)) == 0) { - return php_stream_fopen_rel(trypath, mode, opened_path, options); - } return php_stream_fopen_rel(trypath, mode, opened_path, options); } @@ -1289,19 +1282,6 @@ not_relative_path: continue; } - if (PG(safe_mode)) { - if (VCWD_STAT(trypath, &sb) == 0) { - /* file exists ... check permission */ - if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) || - php_checkuid_ex(trypath, mode, CHECKUID_CHECK_MODE_PARAM, CHECKUID_NO_ERRORS)) { - /* UID ok, or trypath is in safe_mode_include_dir */ - stream = php_stream_fopen_rel(trypath, mode, opened_path, options); - goto stream_done; - } - } - ptr = end; - continue; - } stream = php_stream_fopen_rel(trypath, mode, opened_path, options); if (stream) { stream_done: |