]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17ff2f4)
Added missing open_basedir checks
authorIlia Alshanetsky <iliaa@php.net>
Thu, 4 Jan 2007 23:49:35 +0000 (23:49 +0000)
committerIlia Alshanetsky <iliaa@php.net>
Thu, 4 Jan 2007 23:49:35 +0000 (23:49 +0000)
ext/session/mod_files.c patch | blob | history

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index f25d15dd2f8ee15795dec1d7fe52b876fb846cda..df677bb388dcf6d81b52926342f49699e4e7a952 100644 (file)
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -251,6 +251,13 @@ PS_OPEN_FUNC(files)
        if (*save_path == '\0') {
                /* if save path is an empty string, determine the temporary dir */
                save_path = php_get_temporary_directory();
+
+               if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+                       return FAILURE;
+               }
+               if (php_check_open_basedir(save_path TSRMLS_CC)) {
+                       return FAILURE;
+               }
        }
        
        /* split up input parameter */
Unnamed repository; edit this file 'description' to name the repository.