php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-25 17:08:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed Bug #17790

Browse Source 
- link and symlink now check uid and open_base_dir for link and its target
This commit is contained in:
Stefan Esser
2002-06-16 21:24:15 +00:00
parent 0170e42763
commit 984b48b009
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ext/standard/link.c
+24
View File
@@ -114,6 +114,18 @@ PHP_FUNCTION(symlink)
RETURN_FALSE;
}
if (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(frompath), NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
RETURN_FALSE;
}
if (php_check_open_basedir(Z_STRVAL_PP(topath) TSRMLS_CC)) {
RETURN_FALSE;
}
if (php_check_open_basedir(Z_STRVAL_PP(frompath) TSRMLS_CC)) {
RETURN_FALSE;
}
if (!strncasecmp(Z_STRVAL_PP(topath), "http://", 7) || !strncasecmp(Z_STRVAL_PP(topath), "ftp://", 6)) {
php_error(E_WARNING, "Unable to symlink to a URL");
RETURN_FALSE;
@@ -146,6 +158,18 @@ PHP_FUNCTION(link)
RETURN_FALSE;
}
if (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(frompath), NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
RETURN_FALSE;
}
if (php_check_open_basedir(Z_STRVAL_PP(topath) TSRMLS_CC)) {
RETURN_FALSE;
}
if (php_check_open_basedir(Z_STRVAL_PP(frompath) TSRMLS_CC)) {
RETURN_FALSE;
}
if (!strncasecmp(Z_STRVAL_PP(topath), "http://", 7) || !strncasecmp(Z_STRVAL_PP(topath), "ftp://", 6)) {
php_error(E_WARNING, "Unable to link to a URL");
RETURN_FALSE;