MFH: Added missing safe_mode & open_basedir checks.

diff --git a/ext/fdf/fdf.c b/ext/fdf/fdf.c
index c87001903c49d0dbb451b13ab5aa0c719afab817..c627d00b30109ac078879fc7bf46b860799b89ed 100644 (file)
--- a/ext/fdf/fdf.c
+++ b/ext/fdf/fdf.c
@@ -721,6 +721,10 @@ PHP_FUNCTION(fdf_set_file)
                return;
        }
 
+       if (php_check_open_basedir(filename TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(filename, "wb+", CHECKUID_CHECK_MODE_PARAM))) {
+               RETURN_FALSE;
+       }
+
        ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf);
 
        err = FDFSetFile(fdf, filename);
@@ -1481,6 +1485,10 @@ PHP_FUNCTION(fdf_get_attachment) {
        
        ZEND_FETCH_RESOURCE(fdf, FDFDoc *, &r_fdf, -1, "fdf", le_fdf);
 
+       if (php_check_open_basedir(savepath TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(savepath, "wb+", CHECKUID_CHECK_MODE_PARAM))) {
+               RETURN_FALSE;
+       }
+
        strncpy(pathbuf , savepath, MAXPATHLEN-1);
        pathbuf[MAXPATHLEN-1] = '\0';