diff options
Diffstat (limited to 'main/streams/plain_wrapper.c')
| -rw-r--r-- | main/streams/plain_wrapper.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index b78c2d9651..ffaeb31bd9 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -898,6 +898,19 @@ static php_stream *php_plain_files_stream_opener(php_stream_wrapper *wrapper, ch static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url, int flags, php_stream_statbuf *ssb, php_stream_context *context TSRMLS_DC) { + + if (strncmp(url, "file://", 7) == 0) { + url += 7; + } + + if (PG(safe_mode) &&(!php_checkuid_ex(url, NULL, CHECKUID_CHECK_FILE_AND_DIR, (flags & PHP_STREAM_URL_STAT_QUIET) ? CHECKUID_NO_ERRORS : 0))) { + return -1; + } + + if (php_check_open_basedir_ex(url, (flags & PHP_STREAM_URL_STAT_QUIET) ? 0 : 1 TSRMLS_CC)) { + return -1; + } + #ifdef HAVE_SYMLINK if (flags & PHP_STREAM_URL_STAT_LINK) { return VCWD_LSTAT(url, &ssb->sb); |