diff options
Diffstat (limited to 'main/streams')
| -rw-r--r-- | main/streams/plain_wrapper.c | 72 | ||||
| -rwxr-xr-x | main/streams/streams.c | 8 | ||||
| -rw-r--r-- | main/streams/userspace.c | 1 |
3 files changed, 4 insertions, 77 deletions
diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 23b9ccbb86..0f1d8375c1 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -859,10 +859,6 @@ static php_stream *php_plain_files_dir_opener(php_stream_wrapper *wrapper, char return NULL; } - if (PG(safe_mode) &&(!php_checkuid(path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return NULL; - } - dir = VCWD_OPENDIR(path); #ifdef PHP_WIN32 @@ -992,13 +988,6 @@ static php_stream *php_plain_files_stream_opener(php_stream_wrapper *wrapper, ch return NULL; } - if ((php_check_safe_mode_include_dir(path TSRMLS_CC)) == 0) { - return php_stream_fopen_rel(path, mode, opened_path, options); - } - - if ((options & ENFORCE_SAFE_MODE) && PG(safe_mode) && (!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM))) - return NULL; - return php_stream_fopen_rel(path, mode, opened_path, options); } @@ -1009,10 +998,6 @@ static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url, in url += sizeof("file://") - 1; } - if (PG(safe_mode) &&(!php_checkuid_ex(url, NULL, CHECKUID_CHECK_FILE_AND_DIR, (flags & PHP_STREAM_URL_STAT_QUIET) ? CHECKUID_NO_ERRORS : 0))) { - return -1; - } - if (php_check_open_basedir_ex(url, (flags & PHP_STREAM_URL_STAT_QUIET) ? 0 : 1 TSRMLS_CC)) { return -1; } @@ -1034,16 +1019,6 @@ static int php_plain_files_unlink(php_stream_wrapper *wrapper, char *url, int op url = p + 3; } - if (options & ENFORCE_SAFE_MODE) { - if (PG(safe_mode) && !php_checkuid(url, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { - return 0; - } - - if (php_check_open_basedir(url TSRMLS_CC)) { - return 0; - } - } - ret = VCWD_UNLINK(url); if (ret == -1) { if (options & REPORT_ERRORS) { @@ -1086,11 +1061,6 @@ static int php_plain_files_rename(php_stream_wrapper *wrapper, char *url_from, c url_to = p + 3; } - if (PG(safe_mode) && (!php_checkuid(url_from, NULL, CHECKUID_CHECK_FILE_AND_DIR) || - !php_checkuid(url_to, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return 0; - } - if (php_check_open_basedir(url_from TSRMLS_CC) || php_check_open_basedir(url_to TSRMLS_CC)) { return 0; } @@ -1246,10 +1216,6 @@ static int php_plain_files_rmdir(php_stream_wrapper *wrapper, char *url, int opt #if PHP_WIN32 int url_len = strlen(url); #endif - if (PG(safe_mode) &&(!php_checkuid(url, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - return 0; - } - if (php_check_open_basedir(url TSRMLS_CC)) { return 0; } @@ -1298,7 +1264,6 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char char *pathbuf, *ptr, *end; char *exec_fname; char trypath[MAXPATHLEN]; - struct stat sb; php_stream *stream; int path_length; int filename_length; @@ -1330,17 +1295,9 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char return NULL; } - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_stream_fopen_rel(filename, mode, opened_path, options); } - /* - * files in safe_mode_include_dir (or subdir) are excluded from - * safe mode GID/UID checks - */ - not_relative_path: /* Absolute path open */ @@ -1350,13 +1307,6 @@ not_relative_path: return NULL; } - if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0) - /* filename is in safe_mode_include_dir (or subdir) */ - return php_stream_fopen_rel(filename, mode, opened_path, options); - - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) - return NULL; - return php_stream_fopen_rel(filename, mode, opened_path, options); } @@ -1377,21 +1327,12 @@ not_relative_path: if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) { return NULL; } - if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC)) == 0) { - return php_stream_fopen_rel(trypath, mode, opened_path, options); - } - if (PG(safe_mode) && (!php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_stream_fopen_rel(trypath, mode, opened_path, options); } #endif if (!path || (path && !*path)) { - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } return php_stream_fopen_rel(filename, mode, opened_path, options); } @@ -1439,21 +1380,8 @@ not_relative_path: goto stream_skip; } - if (PG(safe_mode)) { - if (VCWD_STAT(trypath, &sb) == 0) { - /* file exists ... check permission */ - if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) || - php_checkuid_ex(trypath, mode, CHECKUID_CHECK_MODE_PARAM, CHECKUID_NO_ERRORS)) { - /* UID ok, or trypath is in safe_mode_include_dir */ - stream = php_stream_fopen_rel(trypath, mode, opened_path, options); - goto stream_done; - } - } - goto stream_skip; - } stream = php_stream_fopen_rel(trypath, mode, opened_path, options); if (stream) { -stream_done: efree(pathbuf); return stream; } diff --git a/main/streams/streams.c b/main/streams/streams.c index ccb7e34632..cbfccb4471 100755 --- a/main/streams/streams.c +++ b/main/streams/streams.c @@ -1693,7 +1693,7 @@ PHPAPI int _php_stream_mkdir(char *path, int mode, int options, php_stream_conte { php_stream_wrapper *wrapper = NULL; - wrapper = php_stream_locate_url_wrapper(path, NULL, ENFORCE_SAFE_MODE TSRMLS_CC); + wrapper = php_stream_locate_url_wrapper(path, NULL, 0 TSRMLS_CC); if (!wrapper || !wrapper->wops || !wrapper->wops->stream_mkdir) { return 0; } @@ -1708,7 +1708,7 @@ PHPAPI int _php_stream_rmdir(char *path, int options, php_stream_context *contex { php_stream_wrapper *wrapper = NULL; - wrapper = php_stream_locate_url_wrapper(path, NULL, ENFORCE_SAFE_MODE TSRMLS_CC); + wrapper = php_stream_locate_url_wrapper(path, NULL, 0 TSRMLS_CC); if (!wrapper || !wrapper->wops || !wrapper->wops->stream_rmdir) { return 0; } @@ -1737,7 +1737,7 @@ PHPAPI int _php_stream_stat_path(char *path, int flags, php_stream_statbuf *ssb, } } - wrapper = php_stream_locate_url_wrapper(path, &path_to_open, ENFORCE_SAFE_MODE TSRMLS_CC); + wrapper = php_stream_locate_url_wrapper(path, &path_to_open, 0 TSRMLS_CC); if (wrapper && wrapper->wops->url_stat) { ret = wrapper->wops->url_stat(wrapper, path_to_open, flags, ssb, context TSRMLS_CC); if (ret == 0) { @@ -2151,7 +2151,7 @@ PHPAPI int _php_stream_scandir(char *dirname, char **namelist[], int flags, php_ return FAILURE; } - stream = php_stream_opendir(dirname, ENFORCE_SAFE_MODE | REPORT_ERRORS, context); + stream = php_stream_opendir(dirname, REPORT_ERRORS, context); if (!stream) { return FAILURE; } diff --git a/main/streams/userspace.c b/main/streams/userspace.c index ccc4affafa..d532a168d2 100644 --- a/main/streams/userspace.c +++ b/main/streams/userspace.c @@ -77,7 +77,6 @@ PHP_MINIT_FUNCTION(user_streams) REGISTER_LONG_CONSTANT("STREAM_USE_PATH", USE_PATH, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("STREAM_IGNORE_URL", IGNORE_URL, CONST_CS|CONST_PERSISTENT); - REGISTER_LONG_CONSTANT("STREAM_ENFORCE_SAFE_MODE", ENFORCE_SAFE_MODE, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("STREAM_REPORT_ERRORS", REPORT_ERRORS, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("STREAM_MUST_SEEK", STREAM_MUST_SEEK, CONST_CS|CONST_PERSISTENT); |