Diffstat (limited to 'ext/standard/file.c')
-rw-r--r--ext/standard/file.c73
1 files changed, 73 insertions, 0 deletions
diff --git a/ext/standard/file.c b/ext/standard/file.c
index 953ca7928d..ef4b72462d 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -386,6 +386,10 @@ PHP_FUNCTION(get_meta_tags)
return;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
md.stream = php_stream_open_wrapper(filename, "rb",
(use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS,
NULL);
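Review bot: The new guard in get_meta_tags returns FALSE with no diagnostic, so a path rejected for an embedded NUL byte looks the same to the caller as an ordinary open failure and leaves nothing in the error log. The same silent `RETURN_FALSE` appears in every other hunk of this file (file_get_contents, file_put_contents, file, tempnam, php_if_fopen, mkdir, rmdir, readfile, rename, unlink, copy, realpath, fnmatch). Raising a warning before returning would make rejected input visible to operators, e.g. `php_error_docref(NULL TSRMLS_CC, E_WARNING, "Path must not contain NUL bytes");` (the message text is a suggestion). The message should not echo the raw argument, since it contains the byte being rejected. The function body starts and ends outside the hunk.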
@@ -539,6 +543,10 @@ PHP_FUNCTION(file_get_contents)
return;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
if (ZEND_NUM_ARGS() == 5 && maxlen < 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater than or equal to zero");
RETURN_FALSE;
@@ -595,6 +603,10 @@ PHP_FUNCTION(file_put_contents)
return;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
if (Z_TYPE_P(data) == IS_RESOURCE) {
php_stream_from_zval(srcstream, &data);
}
@@ -739,6 +751,11 @@ PHP_FUNCTION(file)
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|lr!", &filename, &filename_len, &flags, &zcontext) == FAILURE) {
return;
}
+
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
if (flags < 0 || flags > (PHP_FILE_USE_INCLUDE_PATH | PHP_FILE_IGNORE_NEW_LINES | PHP_FILE_SKIP_EMPTY_LINES | PHP_FILE_NO_DEFAULT_CONTEXT)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "'%ld' flag is not supported", flags);
RETURN_FALSE;
@@ -836,6 +853,14 @@ PHP_FUNCTION(tempnam)
return;
}
+ if (strlen(dir) != dir_len) {
+ RETURN_FALSE;
+ }
+
+ if (strlen(prefix) != prefix_len) {
+ RETURN_FALSE;
+ }
+
if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}
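Review bot: The guard is written out by hand for each argument here (`dir`, then `prefix`) and again in every other hunk, so a path-taking function added later can easily be left without it. A single file-local helper would keep the rule in one place, for example `#define PATH_HAS_NUL(p, l) (strlen(p) != (size_t)(l))` (the name is a suggestion), used as `if (PATH_HAS_NUL(dir, dir_len) || PATH_HAS_NUL(prefix, prefix_len)) { RETURN_FALSE; }`. The cast also makes the comparison explicit, because the length variables are declared outside the hunk and are presumably signed while `strlen` returns `size_t`. The rename, copy and fnmatch hunks have the same paired checks.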
@@ -894,6 +919,10 @@ PHP_NAMED_FUNCTION(php_if_fopen)
RETURN_FALSE;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
context = php_stream_context_from_zval(zcontext, 0);
stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
@@ -1397,6 +1426,10 @@ PHP_FUNCTION(mkdir)
RETURN_FALSE;
}
+ if (strlen(dir) != dir_len) {
+ RETURN_FALSE;
+ }
+
context = php_stream_context_from_zval(zcontext, 0);
RETURN_BOOL(php_stream_mkdir(dir, mode, (recursive ? PHP_STREAM_MKDIR_RECURSIVE : 0) | REPORT_ERRORS, context));
@@ -1416,6 +1449,10 @@ PHP_FUNCTION(rmdir)
RETURN_FALSE;
}
+ if (strlen(dir) != dir_len) {
+ RETURN_FALSE;
+ }
+
context = php_stream_context_from_zval(zcontext, 0);
RETURN_BOOL(php_stream_rmdir(dir, REPORT_ERRORS, context));
@@ -1438,6 +1475,10 @@ PHP_FUNCTION(readfile)
RETURN_FALSE;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
context = php_stream_context_from_zval(zcontext, 0);
stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
@@ -1511,6 +1552,14 @@ PHP_FUNCTION(rename)
RETURN_FALSE;
}
+ if (strlen(old_name) != old_name_len) {
+ RETURN_FALSE;
+ }
+
+ if (strlen(new_name) != new_name_len) {
+ RETURN_FALSE;
+ }
+
wrapper = php_stream_locate_url_wrapper(old_name, NULL, 0 TSRMLS_CC);
if (!wrapper || !wrapper->wops) {
@@ -1548,6 +1597,10 @@ PHP_FUNCTION(unlink)
RETURN_FALSE;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
context = php_stream_context_from_zval(zcontext, 0);
wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC);
@@ -1684,6 +1737,14 @@ PHP_FUNCTION(copy)
return;
}
+ if (strlen(source) != source_len) {
+ RETURN_FALSE;
+ }
+
+ if (strlen(target) != target_len) {
+ RETURN_FALSE;
+ }
+
if (PG(safe_mode) &&(!php_checkuid(source, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}
@@ -2385,6 +2446,10 @@ PHP_FUNCTION(realpath)
return;
}
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
if (VCWD_REALPATH(filename, resolved_path_buff)) {
if (PG(safe_mode) && (!php_checkuid(resolved_path_buff, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
@@ -2527,6 +2592,14 @@ PHP_FUNCTION(fnmatch)
return;
}
+ if (strlen(pattern) != pattern_len) {
+ RETURN_FALSE;
+ }
+
+ if (strlen(filename) != filename_len) {
+ RETURN_FALSE;
+ }
+
if (filename_len >= MAXPATHLEN) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filename exceeds the maximum allowed length of %d characters", MAXPATHLEN);
RETURN_FALSE;