Adjust checks to allow paths without a trailing /

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index df677bb388dcf6d81b52926342f49699e4e7a952..ddb937604710eb6a5536c772a810075689ae4a6c 100644 (file)
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -252,11 +252,13 @@ PS_OPEN_FUNC(files)
                /* if save path is an empty string, determine the temporary dir */
                save_path = php_get_temporary_directory();
 
-               if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
-                       return FAILURE;
-               }
-               if (php_check_open_basedir(save_path TSRMLS_CC)) {
-                       return FAILURE;
+               if (strcmp(save_path, "/tmp")) {
+                       if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+                               return FAILURE;
+                       }
+                       if (php_check_open_basedir(save_path TSRMLS_CC)) {
+                               return FAILURE;
+                       }
                }
        }
        

diff --git a/ext/session/session.c b/ext/session/session.c
index da4e57481e87526f45f4b635b19a25f43a7f457b..2b20dde0aac4ba3c4dde6509d36a91a1aaca9bf7 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -163,7 +163,7 @@ static PHP_INI_MH(OnUpdateSaveDir)
                        p = new_value;
                }
 
-               if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+               if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                        return FAILURE;
                }