MFB: Fixed missing open_basedir check inside chdir() function.

author Ilia Alshanetsky <iliaa@php.net>

Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)
diff --git a/NEWS b/NEWS

index f4c2b98e3504066876a7cc7429138998952cabe9..3bad981dd488a61e8ac804101c544e7f881c2615 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,7 @@ PHP 4                                                                      NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
  ?? ??? 2006, Version 4.4.5
  - Updated PCRE to version 6.7. (Ilia)
+- Fixed missing open_basedir check inside chdir() function. (Ilia)
  - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia)
  - Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia)
  - Fixed bug #38534 (segfault when calling setlocale() in userspace session
diff --git a/ext/standard/dir.c b/ext/standard/dir.c

index 81f05c6b85ad2d05a554e286bc14285389f2c69e..e20442bc054938fa46f69a51df9b18f27f339b91 100644 (file)
--- a/ext/standard/dir.c
+++ b/ext/standard/dir.c
@@ -275,7 +275,7 @@ PHP_FUNCTION(chdir)
                 RETURN_FALSE;
         }
  
-       if (PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
+       if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) {
                 RETURN_FALSE;
         }
         ret = VCWD_CHDIR(str);
author	Ilia Alshanetsky <iliaa@php.net>
	Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Wed, 4 Oct 2006 23:20:02 +0000 (23:20 +0000)
NEWS		patch \| blob \| history
ext/standard/dir.c		patch \| blob \| history