. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, reeze.xia@gmail.com)
+- CURL
+ . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
+ (Laruence)
+
- Core:
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
convert_to_string_ex(zvalue);
- if (php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(zvalue), "rb+", CHECKUID_CHECK_MODE_PARAM))) {
+ if (!Z_STRLEN_PP(zvalue) || php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(zvalue), "rb+", CHECKUID_CHECK_MODE_PARAM))) {
RETVAL_FALSE;
return 1;
}
--- /dev/null
+--TEST--
+Bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
+--SKIPIF--
+<?php if (!extension_loaded("curl")) print "skip"; ?>
+--INI--
+open_basedir="/tmp"
+--FILE--
+<?php
+ $ch = curl_init();
+ var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, ""));
+ var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/foo"));
+ var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/xxx/bar"));
+ curl_close($ch);
+?>
+--EXPECTF--
+bool(false)
+bool(true)
+
+Warning: curl_setopt(): open_basedir restriction in effect. File(/xxx/bar) is not within the allowed path(s): (/tmp) in %sbug61948.php on line %d
+bool(false)
projects / php / commitdiff