Additional expand_filepath() checks

author Ilia Alshanetsky <iliaa@php.net>

Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)
diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c

index ebe3170ead3417a08b19dbaa3336bf4669e1daf8..a3c9cd5911d80ed2b2d68dbe648bc5fafe0a0de2 100644 (file)
--- a/ext/pdo_sqlite/sqlite_driver.c
+++ b/ext/pdo_sqlite/sqlite_driver.c
@@ -642,6 +642,10 @@ static char *make_filename_safe(const char *filename TSRMLS_DC)
         if (strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
                 char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
  
+               if (!fullpath) {
+                       return NULL;
+               }
+
                 if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                         efree(fullpath);
                         return NULL;
diff --git a/ext/standard/link.c b/ext/standard/link.c

index f29bb87294241b7ef91aed6e2f26b085f12aed52..1e9213df88b229f47c3d466ca63521e31bf6f08c 100644 (file)
--- a/ext/standard/link.c
+++ b/ext/standard/link.c
@@ -122,14 +122,15 @@ PHP_FUNCTION(symlink)
         convert_to_string_ex(topath);
         convert_to_string_ex(frompath);
  
-       expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
-       expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+       if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
  
         if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
                 php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) 
         {
                 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to symlink to a URL");
-               RETURN_FALSE;   
+               RETURN_FALSE;
         }
  
         if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
@@ -177,14 +178,15 @@ PHP_FUNCTION(link)
         convert_to_string_ex(topath);
         convert_to_string_ex(frompath);
  
-       expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
-       expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+       if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
  
         if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
                 php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) 
         {
                 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to link to a URL");
-               RETURN_FALSE;   
+               RETURN_FALSE;
         }
  
         if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
author	Ilia Alshanetsky <iliaa@php.net>
	Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Sat, 16 Sep 2006 18:30:03 +0000 (18:30 +0000)
ext/pdo_sqlite/sqlite_driver.c		patch \| blob \| history
ext/standard/link.c		patch \| blob \| history