]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f87648e)
MFH: Added missing open_basedir checks
authorIlia Alshanetsky <iliaa@php.net>
Thu, 4 Jan 2007 23:50:45 +0000 (23:50 +0000)
committerIlia Alshanetsky <iliaa@php.net>
Thu, 4 Jan 2007 23:50:45 +0000 (23:50 +0000)
ext/session/mod_files.c patch | blob | history

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index d81d195b59928d1b27512ab2f323143bf35b49f8..b408d825c0591c8bb17aea3892767e4a2290c439 100644 (file)
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -244,6 +244,13 @@ PS_OPEN_FUNC(files)
 
        if (*save_path == '\0') {
                save_path = php_get_temporary_directory();
+
+               if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+                       return FAILURE;
+               }
+               if (php_check_open_basedir(save_path TSRMLS_CC)) {
+                       return FAILURE;
+               }
        }
 
        data->fd = -1;
Unnamed repository; edit this file 'description' to name the repository.