MFB: Additional expand_filepath() checks

diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c
index bf83da679330b57c3c3ff8b8bbd6a414bf838c46..8eff8a960c1c3263582dfcc3f9a44b14326c7f26 100644 (file)
--- a/ext/pdo_sqlite/sqlite_driver.c
+++ b/ext/pdo_sqlite/sqlite_driver.c
@@ -677,6 +677,10 @@ static char *make_filename_safe(const char *filename TSRMLS_DC)
        if (strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
                char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
 
+               if (!fullpath) {
+                       return NULL;
+               }
+
                if (php_check_open_basedir(fullpath TSRMLS_CC)) {
                        efree(fullpath);
                        return NULL;

diff --git a/ext/standard/link.c b/ext/standard/link.c
index 4e51dba26261378c32ff4c71c65f08fb534c37a7..ebde062445d25aadaea1be59bcee3bc556436434 100644 (file)
--- a/ext/standard/link.c
+++ b/ext/standard/link.c
@@ -117,14 +117,15 @@ PHP_FUNCTION(symlink)
        convert_to_string_ex(topath);
        convert_to_string_ex(frompath);
 
-       expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
-       expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+       if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
 
        if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
                php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) 
        {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to symlink to a URL");
-               RETURN_FALSE;   
+               RETURN_FALSE;
        }
 
        if (php_check_open_basedir(dest_p TSRMLS_CC)) {
@@ -164,14 +165,15 @@ PHP_FUNCTION(link)
        convert_to_string_ex(topath);
        convert_to_string_ex(frompath);
 
-       expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC);
-       expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC);
+       if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
 
        if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ||
                php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) 
        {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to link to a URL");
-               RETURN_FALSE;   
+               RETURN_FALSE;
        }
 
        if (php_check_open_basedir(dest_p TSRMLS_CC)) {