- Fixed bug #36644 (possible crash in variant_date_from_timestamp()). (Ilia)
- Fixed bug #33282 (Re-assignment by reference does not clear the is_ref flag)
(Ilia,Dmitry, Matt Wilmas)
+- Fixed bug #29840 (is_executable() does not honor safe_mode_exec_dir
+ setting). (Ilia)
02 Nov 2006, PHP 5.2.0
- Updated bundled OpenSSL to version 0.9.8d in the Windows distro. (Edin)
"size", "atime", "mtime", "ctime", "blksize", "blocks"};
char *local;
php_stream_wrapper *wrapper;
+ char safe_mode_buf[MAXPATHLEN];
if (!filename_length) {
RETURN_FALSE;
}
if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper) {
- if (php_check_open_basedir(local TSRMLS_CC) || (PG(safe_mode) && !php_checkuid_ex(filename, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS, CHECKUID_NO_ERRORS))) {
+ if (php_check_open_basedir(local TSRMLS_CC)) {
RETURN_FALSE;
+ } else if (PG(safe_mode)) {
+ if (type == FS_IS_X) {
+ if (strstr(local, "..")) {
+ RETURN_FALSE;
+ } else {
+ char *b = strrchr(local, PHP_DIR_SEPARATOR);
+ snprintf(safe_mode_buf, MAXPATHLEN, "%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : local));
+ local = (char *)&safe_mode_buf;
+ }
+ } else if (!php_checkuid_ex(local, NULL, CHECKUID_ALLOW_FILE_NOT_EXISTS, CHECKUID_NO_ERRORS)) {
+ RETURN_FALSE;
+ }
}
}
projects / php / commitdiff