Merge 294882: Fixed safe_mode validation inside tempnam() when the directory

author Johannes Schlüter <johannes@php.net>

Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)

committer Johannes Schlüter <johannes@php.net>

Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)
author Johannes Schlüter <johannes@php.net>
Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)
committer Johannes Schlüter <johannes@php.net>
Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)
diff --git a/NEWS b/NEWS

index 48b1a80510a9ba118e0d612e27ef89f4b3beec94..fc0077d410e931e123091add4c5d12dc1a9c7ef8 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,8 @@ PHP                                                                        NEWS
    (Ilia)
  - Added stream_resolve_include_path(). (Mikko)
  
+- Fixed safe_mode validation inside tempnam() when the directory path does
+  not end with a /). (Martin Jansen)
  - Fixed a possible open_basedir/safe_mode bypass in session extension
    identified by Grzegorz Stachowiak. (Ilia)
  - Fixed possible crash when a error/warning is raised during php startup.
diff --git a/ext/standard/file.c b/ext/standard/file.c

index 10f2c7961aad700714a09444b5a7938f275d78fb..704ef1231fb7e7e16f48012a6e2dab3383c8386a 100644 (file)
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -836,7 +836,7 @@ PHP_FUNCTION(tempnam)
                 return;
         }
  
-       if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+       if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                 RETURN_FALSE;
         }
author	Johannes Schlüter <johannes@php.net>
	Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)
committer	Johannes Schlüter <johannes@php.net>
	Thu, 11 Feb 2010 18:03:57 +0000 (18:03 +0000)
NEWS		patch \| blob \| history
ext/standard/file.c		patch \| blob \| history