MFB: Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir...
authorJani Taskinen <jani@php.net>
Thu, 23 Aug 2007 13:38:49 +0000 (13:38 +0000)
committerJani Taskinen <jani@php.net>
Thu, 23 Aug 2007 13:38:49 +0000 (13:38 +0000)
ext/session/mod_files.c

index 8072a0f5631f61894feb2a2865223ca236026811..f9d8f227fd6c99e760456a584ecc6277961c9620 100644 (file)
@@ -189,6 +189,24 @@ static void ps_files_open(ps_files *data, const char *key TSRMLS_DC)
                data->fd = VCWD_OPEN_MODE(buf, O_CREAT | O_RDWR | O_BINARY, data->filemode);
 
                if (data->fd != -1) {
+#ifndef PHP_WIN32
+                       /* check to make sure that the opened file is not a symlink, linking to data outside of allowable dirs */
+                       if (PG(open_basedir)) {
+                               struct stat sbuf;
+
+                               if (fstat(data->fd, &sbuf)) {
+                                       close(data->fd);
+                                       return;
+                               }
+                               if (
+                                       S_ISLNK(sbuf.st_mode) && 
+                                        php_check_open_basedir(buf TSRMLS_CC)
+                               ) {
+                                       close(data->fd);
+                                       return;
+                               }
+                       }
+#endif
                        flock(data->fd, LOCK_EX);
 
 #ifdef F_SETFD
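Review bot: The `S_ISLNK(sbuf.st_mode)` test in the added block can never be true, because `fstat()` describes the file already opened by `VCWD_OPEN_MODE`, and the flags shown (`O_CREAT | O_RDWR | O_BINARY`) do not include `O_NOFOLLOW`, so a symlink is followed and `st_mode` is that of the target. The open_basedir guard is therefore effectively dead, and the file behind a symlink is opened (and, with `O_CREAT`, possibly created) before any check runs. Testing the path rather than the descriptor, e.g. `if (lstat(buf, &sbuf) == 0 && S_ISLNK(sbuf.st_mode) && php_check_open_basedir(buf TSRMLS_CC))` ahead of the open, would make the check effective; adding `O_NOFOLLOW` to the open flags where it is defined is preferable, since lstat-then-open leaves a race window. Both early returns also leave `data->fd` holding the closed descriptor number, so `data->fd = -1;` should follow each `close(data->fd);`, presumably so that callers testing the descriptor see the failure. The body of ps_files_open starts and ends outside this hunk, so how callers handle the early return should be confirmed there.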