|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2015, PHP 5.6.17
+- Mysqlnd:
+ . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
+ (Laruence)
+
- SOAP:
. Fixed bug #70900 (SoapClient systematic out of memory error). (Dmitry)
passwd_len = passwd? strlen(passwd):0;
}
+#if !defined(MYSQL_USE_MYSQLND)
/* disable local infile option for open_basedir */
#if PHP_API_VERSION < 20100412
if (((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) && (client_flags & CLIENT_LOCAL_FILES)) {
#endif
client_flags ^= CLIENT_LOCAL_FILES;
}
+#endif
#ifdef CLIENT_MULTI_RESULTS
client_flags |= CLIENT_MULTI_RESULTS; /* compatibility with 5.2, see bug#50416 */
}
MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_INITIALIZED);
+#if !defined(MYSQLI_USE_MYSQLND)
#if PHP_API_VERSION < 20100412
if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) {
#else
RETURN_FALSE;
}
}
+#endif
expected_type = mysqli_options_get_option_zval_type(mysql_option);
if (expected_type != Z_TYPE_PP(mysql_value)) {
switch (expected_type) {
flags |= CLIENT_MULTI_RESULTS; /* needed for mysql_multi_query() */
/* remove some insecure options */
flags &= ~CLIENT_MULTI_STATEMENTS; /* don't allow multi_queries via connect parameter */
+#if !defined(MYSQLI_USE_MYSQLND)
if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
flags &= ~CLIENT_LOCAL_FILES;
}
+#endif
}
if (!socket_len || !socket) {
--- /dev/null
+--TEST--
+Bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once('skipifconnectfailure.inc');
+if (!$IS_MYSQLND) {
+ die("skip: test applies only to mysqlnd");
+}
+?>
+--INI--
+open_basedir={PWD}
+--FILE--
+<?php
+ require_once("connect.inc");
+
+ if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) {
+ printf("[001] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
+ }
+
+ if (!$link->query("DROP TABLE IF EXISTS test")) {
+ printf("[002] [%d] %s\n", $link->errno, $link->error);
+ }
+
+ if (!$link->query("CREATE TABLE test (dump1 INT UNSIGNED NOT NULL PRIMARY KEY) ENGINE=" . $engine)) {
+ printf("[003] [%d] %s\n", $link->errno, $link->error);
+ }
+
+ if (FALSE == file_put_contents(__DIR__ . '/bug53503.data', "1\n2\n3\n"))
+ printf("[004] Failed to create CVS file\n");
+
+ if (!$link->query("SELECT 1 FROM DUAL"))
+ printf("[005] [%d] %s\n", $link->errno, $link->error);
+
+ if (!$link->query("LOAD DATA LOCAL INFILE '" . __DIR__ . "/bug53503.data' INTO TABLE test")) {
+ printf("[006] [%d] %s\n", $link->errno, $link->error);
+ echo "bug\n";
+ } else {
+ echo "done\n";
+ }
+
+ if (!$link->query("LOAD DATA LOCAL INFILE '../../bug53503.data' INTO TABLE test")) {
+ printf("[006] [%d] %s\n", $link->errno, $link->error);
+ echo "done\n";
+ } else {
+ echo "bug\n";
+ }
+ $link->close();
+?>
+--CLEAN--
+<?php
+require_once('connect.inc');
+
+if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) {
+ printf("[clean] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
+ $host, $user, $db, $port, $socket);
+}
+
+if (!$link->query($link, 'DROP TABLE IF EXISTS test')) {
+ printf("[clean] Failed to drop old test table: [%d] %s\n", mysqli_errno($link), mysqli_error($link));
+}
+
+$link->close();
+
+unlink('bug53503.data');
+?>
+--EXPECTF--
+done
+[006] [2000] open_basedir restriction in effect. Unable to open file
+done
?>
--FILE--
<?php
- require_once('connect.inc');
- ini_set("open_basedir", __DIR__);
- if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
- printf("[001] Cannot connect, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
+require_once('connect.inc');
+ini_set("open_basedir", __DIR__);
+if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket))
+ printf("[001] Cannot connect, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
+if ($IS_MYSQLND) {
+ if (true !== mysqli_options($link, MYSQLI_OPT_LOCAL_INFILE, 1))
+ printf("[002] Can not set MYSQLI_OPT_LOCAL_INFILE although open_basedir is set!\n");
+
+} else {
if (false !== mysqli_options($link, MYSQLI_OPT_LOCAL_INFILE, 1))
printf("[002] Can set MYSQLI_OPT_LOCAL_INFILE although open_basedir is set!\n");
- mysqli_close($link);
- print "done!";
+}
+mysqli_close($link);
+print "done!";
?>
--EXPECTF--
done!
mysql_flags |= conn->options->flags; /* use the flags from set_client_option() */
- if (PG(open_basedir) && strlen(PG(open_basedir))) {
- mysql_flags ^= CLIENT_LOCAL_FILES;
- }
-
#ifndef MYSQLND_COMPRESSION_ENABLED
if (mysql_flags & CLIENT_COMPRESS) {
mysql_flags &= ~CLIENT_COMPRESS;
goto cleanup;
}
+#ifndef PDO_USE_MYSQLND
#if PHP_API_VERSION < 20100412
if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode))
#else
{
local_infile = 0;
}
+#endif
#if defined(MYSQL_OPT_LOCAL_INFILE) || defined(PDO_USE_MYSQLND)
if (mysql_options(H->server, MYSQL_OPT_LOCAL_INFILE, (const char *)&local_infile)) {
pdo_mysql_error(dbh);
projects / php / commitdiff