[paketler-commits] r28289 - 2007/programming/languages/php/php/files
paketler-commits at pardus.org.tr
paketler-commits at pardus.org.tr
25 Haz 2007 Pzt 11:53:38 EEST
Author: cartman
Date: Mon Jun 25 11:53:38 2007
New Revision: 28289
Modified:
2007/programming/languages/php/php/files/glob-basedir-bypass.patch
Log:
merge changes to basedir bypass via glob
Modified: 2007/programming/languages/php/php/files/glob-basedir-bypass.patch
=================================================================
--- 2007/programming/languages/php/php/files/glob-basedir-bypass.patch (original)
+++ 2007/programming/languages/php/php/files/glob-basedir-bypass.patch Mon Jun 25 11:53:38 2007
@@ -59,3 +59,76 @@
}
array_init(return_value);
+--- ext/standard/dir.c 2007/02/24 17:16:23 1.147.2.3.2.4
++++ ext/standard/dir.c 2007/06/25 08:40:20 1.147.2.3.2.8
+@@ -24,6 +24,7 @@
+ #include "fopen_wrappers.h"
+ #include "file.h"
+ #include "php_dir.h"
++#include "php_string.h"
+ #include "php_scandir.h"
+
+ #ifdef HAVE_DIRENT_H
+@@ -361,9 +362,9 @@
+ Find pathnames matching a pattern */
+ PHP_FUNCTION(glob)
+ {
+- char cwd[MAXPATHLEN];
+ int cwd_skip = 0;
+ #ifdef ZTS
++ char cwd[MAXPATHLEN];
+ char work_pattern[MAXPATHLEN];
+ char *result;
+ #endif
+@@ -395,6 +396,22 @@
+ }
+ #endif
+
++ if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) {
++ int pattern_len = strlen(pattern);
++ char *basename = estrndup(pattern, pattern_len);
++
++ php_dirname(basename, pattern_len);
++ if (PG(safe_mode) && (!php_checkuid(basename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
++ efree(basename);
++ RETURN_FALSE;
++ }
++ if (php_check_open_basedir(basename TSRMLS_CC)) {
++ efree(basename);
++ RETURN_FALSE;
++ }
++ efree(basename);
++ }
++
+ globbuf.gl_offs = 0;
+ if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
+ #ifdef GLOB_NOMATCH
+@@ -420,16 +437,6 @@
+ return;
+ }
+
+- /* we assume that any glob pattern will match files from one directory only
+- so checking the dirname of the first match should be sufficient */
+- strlcpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN);
+- if (PG(safe_mode) && (!php_checkuid(cwd, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+- RETURN_FALSE;
+- }
+- if (php_check_open_basedir(cwd TSRMLS_CC)) {
+- RETURN_FALSE;
+- }
+-
+ array_init(return_value);
+ for (n = 0; n < globbuf.gl_pathc; n++) {
+ /* we need to do this everytime since GLOB_ONLYDIR does not guarantee that
+@@ -473,6 +480,11 @@
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|lr", &dirn, &dirn_len, &flags, &zcontext) == FAILURE) {
+ return;
++ }
++
++ if (dirn_len < 1) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Directory name cannot be empty");
++ RETURN_FALSE;
+ }
+
+ if (zcontext) {
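Review bot: The new pre-glob check in PHP_FUNCTION(glob) validates only `php_dirname(pattern)`, and the post-glob check on `globbuf.gl_pathv[0]` is removed, so nothing on the visible lines verifies the paths that glob() actually returns. The directory part of a pattern can itself contain glob metacharacters, in which case the string handed to `php_checkuid()` and `php_check_open_basedir()` is not necessarily a directory any match lives in. The early check is fine as a fast reject, but each result should also be checked inside the `for (n = 0; n < globbuf.gl_pathc; n++)` loop, e.g. `if (php_check_open_basedir(globbuf.gl_pathv[n] TSRMLS_CC)) { continue; }`, with the matching `php_checkuid()` test under `PG(safe_mode)`. The loop body lies outside this hunk, so confirm it does not already do this. The local named `basename` actually holds a dirname and shares its name with the libc `basename()`; `pattern_dir` would read better.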