Merge safe_mode changes into extensions that are in sync in both branches

diff --git a/ext/enchant/enchant.c b/ext/enchant/enchant.c
index e415019b86bfc7abf829c198c620bd5538aeace9..04852e16632992e6237b2c88da837199c6e1f214 100755 (executable)
--- a/ext/enchant/enchant.c
+++ b/ext/enchant/enchant.c
@@ -587,7 +587,11 @@ PHP_FUNCTION(enchant_broker_request_pwl_dict)
                RETURN_FALSE;
        }
 
+#if PHP_API_VERSION < 20100412
        if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) {
+#else
+       if (php_check_open_basedir(pwl TSRMLS_CC)) {
+#endif
                RETURN_FALSE;
        }
 

diff --git a/ext/fileinfo/fileinfo.c b/ext/fileinfo/fileinfo.c
index 443129bd91ae3bf72597a565fc08cf82678fbd7e..75862e7e525736e2cf5807542a82700c571e364a 100644 (file)
--- a/ext/fileinfo/fileinfo.c
+++ b/ext/fileinfo/fileinfo.c
@@ -167,7 +167,7 @@ ZEND_END_ARG_INFO()
 
 /* {{{ finfo_class_functions
  */
-function_entry finfo_class_functions[] = {
+zend_function_entry finfo_class_functions[] = {
        ZEND_ME_MAPPING(finfo,          finfo_open,     arginfo_finfo_open, ZEND_ACC_PUBLIC)
        ZEND_ME_MAPPING(set_flags,      finfo_set_flags,arginfo_finfo_method_set_flags, ZEND_ACC_PUBLIC)
        ZEND_ME_MAPPING(file,           finfo_file,     arginfo_finfo_method_file, ZEND_ACC_PUBLIC)
@@ -201,7 +201,7 @@ void finfo_resource_destructor(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
 
 /* {{{ fileinfo_functions[]
  */
-function_entry fileinfo_functions[] = {
+zend_function_entry fileinfo_functions[] = {
        PHP_FE(finfo_open,              arginfo_finfo_open)
        PHP_FE(finfo_close,             arginfo_finfo_close)
        PHP_FE(finfo_set_flags, arginfo_finfo_set_flags)
@@ -297,7 +297,11 @@ PHP_FUNCTION(finfo_open)
                }
                file = resolved_path;
 
+#if PHP_API_VERSION < 20100412
                if ((PG(safe_mode) && (!php_checkuid(file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file TSRMLS_CC)) {
+#else
+               if (php_check_open_basedir(file TSRMLS_CC)) {
+#endif
                        RETURN_FALSE;
                }
        }
@@ -492,8 +496,11 @@ static void _php_finfo_get_type(INTERNAL_FUNCTION_PARAMETERS, int mode, int mime
 
                        if (wrap) {
                                php_stream_context *context = php_stream_context_from_zval(zcontext, 0);
-
+#if PHP_API_VERSION < 20100412
                                php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
+#else
+                               php_stream *stream = php_stream_open_wrapper_ex(buffer, "rb", REPORT_ERRORS, NULL, context);
+#endif
 
                                if (!stream) {
                                        RETVAL_FALSE;

diff --git a/ext/fileinfo/libmagic.patch b/ext/fileinfo/libmagic.patch
index dc8e03fd1761ee56689e82278257bd34399dd269..276bb011c5c114e221f14d7f87fd05cc7962cfba 100644 (file)
--- a/ext/fileinfo/libmagic.patch
+++ b/ext/fileinfo/libmagic.patch
@@ -257,7 +257,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c
 +
 +      TSRMLS_FETCH();
 +
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +      stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 +#else
 +      stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -490,7 +490,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c
                goto error2;
  
 -      if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1)
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +              stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 +#else
 +              stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -647,7 +647,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c
  
 -      if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) {
 +/* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +      stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 +#else
 +      stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL);
@@ -799,7 +799,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c
                        break;
                case CDF_FILETIME:
                        tp = info[i].pi_tp;
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
 +              if (tp < 1000000000000000i64) {
 +#else
                        if (tp < 1000000000000000LL) {
@@ -822,7 +822,7 @@ diff -u libmagic.orig/cdf.h libmagic/cdf.h
  typedef struct {
        uint64_t        h_magic;
 -#define CDF_MAGIC     0xE11AB1A1E011CFD0LL
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
 +# define CDF_MAGIC    0xE11AB1A1E011CFD0i64
 +#else
 +# define CDF_MAGIC    0xE11AB1A1E011CFD0LL
@@ -2019,7 +2019,7 @@ diff -u libmagic.orig/magic.c libmagic/magic.c
 +
 +      if (!stream && inname) {
 +              no_in_stream = 1;
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +              stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 +#else
 +              stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL);
@@ -2392,7 +2392,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c
                case CDF_FILETIME:
                        tp = info[i].pi_tp;
                        if (tp != 0) {
-+#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
++#if defined(PHP_WIN32) && _MSC_VER <= 1500
 +                              if (tp < 1000000000000000i64) {
 +#else
                                if (tp < 1000000000000000LL) {
@@ -2773,7 +2773,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c
 +              
 +              convert_libmagic_pattern(pattern, options);
 +              
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +              if ((pce = pcre_get_compiled_regex_cache(Z_STRVAL_P(pattern), Z_STRLEN_P(pattern) TSRMLS_CC)) == NULL) {
  #else
 -                      pmatch[0].rm_so = 0;
@@ -2800,7 +2800,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c
 +                      haystack = estrndup(ms->search.s, ms->search.s_len);
 +
 +                      /* match v = 0, no match v = 1 */
-+#if (PHP_MAJOR_VERSION < 6)
++#if PHP_API_VERSION < 20100412
 +                      php_pcre_match_impl(pce, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC);
 +#else                 
 +                      php_pcre_match_impl(pce, IS_STRING, haystack, ms->search.s_len, retval, subpats, 1, 1, PREG_OFFSET_CAPTURE, 0 TSRMLS_CC);

diff --git a/ext/fileinfo/libmagic/apprentice.c b/ext/fileinfo/libmagic/apprentice.c
index ffa2cb529cf4fcfdf56e01ba169a5385aa9528b2..53fa8d5a1448ea6cb740aafd0bcc64c523c7bea7 100644 (file)
--- a/ext/fileinfo/libmagic/apprentice.c
+++ b/ext/fileinfo/libmagic/apprentice.c
@@ -597,7 +597,7 @@ load_1(struct magic_set *ms, int action, const char *fn, int *errs,
 
        TSRMLS_FETCH();
 
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
        stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
        stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -2041,7 +2041,7 @@ apprentice_map(struct magic_set *ms, struct magic **magicp, uint32_t *nmagicp,
        if (dbname == NULL)
                goto error2;
 
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
                stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
                stream = php_stream_open_wrapper((char *)fn, "rb", REPORT_ERRORS, NULL);
@@ -2165,7 +2165,7 @@ apprentice_compile(struct magic_set *ms, struct magic **magicp,
        }
 
 /* wb+ == O_WRONLY|O_CREAT|O_TRUNC|O_BINARY */
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
        stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
        stream = php_stream_open_wrapper((char *)fn, "wb+", REPORT_ERRORS, NULL);

diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c
index a3b4a11fc0e27b4e5ec067ccb8f5f58fe8baab8b..a3f70220850beb1cf4ff9130a0496e079ec731ed 100644 (file)
--- a/ext/fileinfo/libmagic/cdf.c
+++ b/ext/fileinfo/libmagic/cdf.c
@@ -1131,7 +1131,7 @@ cdf_dump_property_info(const cdf_property_info_t *info, size_t count)
                        break;
                case CDF_FILETIME:
                        tp = info[i].pi_tp;
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
                if (tp < 1000000000000000i64) {
 #else
                        if (tp < 1000000000000000LL) {

diff --git a/ext/fileinfo/libmagic/cdf.h b/ext/fileinfo/libmagic/cdf.h
index 1fa69cfebffc4634174fa39f069eaaa83ef0beb1..c056a821007e3c07f4b8e987ff0e7a68f205cbfa 100644 (file)
--- a/ext/fileinfo/libmagic/cdf.h
+++ b/ext/fileinfo/libmagic/cdf.h
@@ -42,7 +42,7 @@ typedef int32_t cdf_secid_t;
 
 typedef struct {
        uint64_t        h_magic;
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
 # define CDF_MAGIC     0xE11AB1A1E011CFD0i64
 #else
 # define CDF_MAGIC     0xE11AB1A1E011CFD0LL

diff --git a/ext/fileinfo/libmagic/magic.c b/ext/fileinfo/libmagic/magic.c
index 849896bc837fb8cb591cc7f69931ac8f8bd02809..a8bf6d8880f17f752045cbe42b087c36d5b513f2 100644 (file)
--- a/ext/fileinfo/libmagic/magic.c
+++ b/ext/fileinfo/libmagic/magic.c
@@ -290,7 +290,7 @@ file_or_stream(struct magic_set *ms, const char *inname, php_stream *stream)
 
        if (!stream && inname) {
                no_in_stream = 1;
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
                stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
                stream = php_stream_open_wrapper(inname, "rb", REPORT_ERRORS, NULL);

diff --git a/ext/fileinfo/libmagic/readcdf.c b/ext/fileinfo/libmagic/readcdf.c
index 56d6504039dc45eb3016655ffda2c776fca7bb37..117dc786ffc03ea8da53a08ab1b0b003b83aeada 100644 (file)
--- a/ext/fileinfo/libmagic/readcdf.c
+++ b/ext/fileinfo/libmagic/readcdf.c
@@ -110,7 +110,7 @@ cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info,
                case CDF_FILETIME:
                        tp = info[i].pi_tp;
                        if (tp != 0) {
-#if defined(PHP_WIN32 ) && _MSC_VER <= 1500
+#if defined(PHP_WIN32) && _MSC_VER <= 1500
                                if (tp < 1000000000000000i64) {
 #else
                                if (tp < 1000000000000000LL) {

diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c
index 2c3085fd82aabf453bd6ab363a47b332489e132c..b948fd2158210238452810806100c54f70e25b45 100644 (file)
--- a/ext/mysql/php_mysql.c
+++ b/ext/mysql/php_mysql.c
@@ -664,7 +664,11 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent)
                }
 
                /* disable local infile option for open_basedir */
+#if PHP_API_VERSION < 20100412
                if (((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) && (client_flags & CLIENT_LOCAL_FILES)) {
+#else
+               if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') && (client_flags & CLIENT_LOCAL_FILES)) {
+#endif
                        client_flags ^= CLIENT_LOCAL_FILES;
                }
 

diff --git a/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt b/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt
index a257f5fb8102586b8b0ce65234238a7f4bb6876d..ff62f4227ea43b81a0c60979e5d0a280a119099f 100644 (file)
--- a/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt
+++ b/ext/mysql/tests/mysql_query_load_data_openbasedir.phpt
@@ -26,7 +26,6 @@ if ($socket == "" && $host != NULL && $host != 'localhost' && $host != '.') {
 }
 ?>
 --INI--
-safe_mode=0
 open_basedir="."
 --FILE--
 <?php

diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c
index 556b26690f2eab74c9c25f921edbd039106db8c3..bd2cdcb0cfbd14203bf606e173ae10a2533209d7 100644 (file)
--- a/ext/mysqli/mysqli_api.c
+++ b/ext/mysqli/mysqli_api.c
@@ -1674,7 +1674,11 @@ PHP_FUNCTION(mysqli_options)
        }
        MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED);
 
+#if PHP_API_VERSION < 20100412
        if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) {
+#else
+       if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
+#endif
                if(mysql_option == MYSQL_OPT_LOCAL_INFILE) {
                        RETURN_FALSE;
                }

diff --git a/ext/mysqlnd/mysqlnd_net.c b/ext/mysqlnd/mysqlnd_net.c
index 4ade74b7d5420b0f6b4467086ebd80915a24eeb0..2859c783ba156eb72939aefc2784befc07f6b13e 100644 (file)
--- a/ext/mysqlnd/mysqlnd_net.c
+++ b/ext/mysqlnd/mysqlnd_net.c
@@ -102,7 +102,11 @@ MYSQLND_METHOD(mysqlnd_net, network_write)(MYSQLND * const conn, const zend_ucha
 static enum_func_status
 MYSQLND_METHOD(mysqlnd_net, connect)(MYSQLND_NET * net, const char * const scheme, size_t scheme_len, zend_bool persistent, char **errstr, int * errcode TSRMLS_DC)
 {
+#if PHP_API_VERSION < 20100412
        unsigned int streams_options = ENFORCE_SAFE_MODE;
+#else
+       unsigned int streams_options = 0;
+#endif
        unsigned int streams_flags = STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT;
        char * hashed_details = NULL;
        int hashed_details_len = 0;

diff --git a/ext/pdo_mysql/mysql_driver.c b/ext/pdo_mysql/mysql_driver.c
index 1bb6d2a74fd10bb6d36ea7054d461331dc4efd5c..be500da8861498fd6bba746fff714041031c39ff 100755 (executable)
--- a/ext/pdo_mysql/mysql_driver.c
+++ b/ext/pdo_mysql/mysql_driver.c
@@ -649,7 +649,7 @@ static int pdo_mysql_handle_factory(pdo_dbh_t *dbh, zval *driver_options TSRMLS_
                        goto cleanup;
                }
 
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
                if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode))
 #else
                if (PG(open_basedir) && PG(open_basedir)[0] != '\0') 

diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index f76735089afdc5a35c870009876be8157e6f39e7..770f1ceffe9812394381d285f7bae8599608628d 100644 (file)
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -1327,7 +1327,7 @@ int phar_create_or_parse_filename(char *fname, int fname_len, char *alias, int a
        if (!pphar) {
                pphar = &mydata;
        }
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                return FAILURE;
        }
@@ -1491,7 +1491,7 @@ int phar_open_from_filename(char *fname, int fname_len, char *alias, int alias_l
        } else if (error && *error) {
                return FAILURE;
        }
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                return FAILURE;
        }
@@ -2359,7 +2359,7 @@ int phar_open_executed_filename(char *alias, int alias_len, char **error TSRMLS_
 
        FREE_ZVAL(halt_constant);
 
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                return FAILURE;
        }

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 41ae46c21593e3dee91c345d13ec7cd37cd64ab1..9b534dc25e1463b229f97143e388597b09d10ae2 100755 (executable)
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -1754,7 +1754,7 @@ phar_spl_fileinfo:
                        return ZEND_HASH_APPLY_STOP;
                }
        }
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC, "Iterator %v returned a path \"%s\" that safe mode prevents opening", ce->name, fname);
 
@@ -3943,7 +3943,7 @@ PHP_METHOD(Phar, addFile)
                return;
        }
 
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                zend_throw_exception_ex(spl_ce_RuntimeException, 0 TSRMLS_CC, "phar error: unable to open file \"%s\" to add to phar archive, safe_mode restrictions prevent this", fname);
                return;
@@ -4187,11 +4187,11 @@ PHP_METHOD(Phar, delMetadata)
        }
 }
 /* }}} */
-#if (PHP_MAJOR_VERSION < 6)
-#define OPENBASEDIR_CHECKPATH(filename) \
+#if PHP_API_VERSION < 20100412
+#define PHAR_OPENBASEDIR_CHECKPATH(filename) \
        (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
 #else
-#define OPENBASEDIR_CHECKPATH(filename) \
+#define PHAR_OPENBASEDIR_CHECKPATH(filename) \
        php_check_open_basedir(filename TSRMLS_CC)
 #endif
 
@@ -4235,7 +4235,7 @@ static int phar_extract_file(zend_bool overwrite, phar_entry_info *entry, char *
                return FAILURE;
        }
 
-       if (OPENBASEDIR_CHECKPATH(fullpath)) {
+       if (PHAR_OPENBASEDIR_CHECKPATH(fullpath)) {
                spprintf(error, 4096, "Cannot extract \"%s\" to \"%s\", openbasedir/safe mode restrictions in effect", entry->filename, fullpath);
                efree(fullpath);
                return FAILURE;
@@ -4285,7 +4285,11 @@ static int phar_extract_file(zend_bool overwrite, phar_entry_info *entry, char *
                return SUCCESS;
        }
 
+#if PHP_API_VERSION < 20100412
        fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
+#else
+       fp = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL);
+#endif
 
        if (!fp) {
                spprintf(error, 4096, "Cannot extract \"%s\", could not open for writing \"%s\"", entry->filename, fullpath);

diff --git a/ext/phar/util.c b/ext/phar/util.c
index 0aa2bd7bb9df2f77488041c8b74755cf6a9f0704..985d9ac5413add1a0c01bfd55d16ce394f176fa7 100644 (file)
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -201,7 +201,7 @@ int phar_mount_entry(phar_archive_data *phar, char *filename, int filename_len,
                        entry.tmp = estrndup(filename, filename_len);
                }
        }
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && !is_phar && (!php_checkuid(entry.tmp, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                efree(entry.tmp);
                efree(entry.filename);
@@ -850,7 +850,7 @@ int phar_open_archive_fp(phar_archive_data *phar TSRMLS_DC) /* {{{ */
        if (phar_get_pharfp(phar TSRMLS_CC)) {
                return SUCCESS;
        }
-#if PHP_MAJOR_VERSION < 6
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) && (!php_checkuid(phar->fname, NULL, CHECKUID_ALLOW_ONLY_FILE))) {
                return FAILURE;
        }

diff --git a/ext/sqlite3/sqlite3.c b/ext/sqlite3/sqlite3.c
index 7f7bbe9a955b5c2535e4751db1c5edbae40c6d2d..00364b0dd4942af7369691a6fec3798783137eb7 100644 (file)
--- a/ext/sqlite3/sqlite3.c
+++ b/ext/sqlite3/sqlite3.c
@@ -120,11 +120,13 @@ PHP_METHOD(sqlite3, open)
                        return;
                }
 
+#if PHP_API_VERSION < 20100412
                if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                        zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "safe_mode prohibits opening %s", fullpath);
                        efree(fullpath);
                        return;
                }
+#endif
 
                if (php_check_open_basedir(fullpath TSRMLS_CC)) {
                        zend_throw_exception_ex(zend_exception_get_default(TSRMLS_C), 0 TSRMLS_CC, "open_basedir prohibits opening %s", fullpath);
@@ -158,7 +160,11 @@ PHP_METHOD(sqlite3, open)
        }
 #endif
 
+#if PHP_API_VERSION < 20100412
        if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) {
+#else
+       if (PG(open_basedir) && *PG(open_basedir)) {
+#endif
                sqlite3_set_authorizer(db_obj->db, php_sqlite3_authorizer, NULL);
        }
 
@@ -1779,14 +1785,18 @@ static zend_function_entry php_sqlite3_result_class_methods[] = {
 */
 static int php_sqlite3_authorizer(void *autharg, int access_type, const char *arg3, const char *arg4, const char *arg5, const char *arg6)
 {
-       TSRMLS_FETCH();
        switch (access_type) {
                case SQLITE_ATTACH:
                {
                        if (strncmp(arg3, ":memory:", sizeof(":memory:")-1)) {
+                               TSRMLS_FETCH();
+
+#if PHP_API_VERSION < 20100412
                                if (PG(safe_mode) && (!php_checkuid(arg3, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
                                        return SQLITE_DENY;
                                }
+#endif
+
                                if (php_check_open_basedir(arg3 TSRMLS_CC)) {
                                        return SQLITE_DENY;
                                }

diff --git a/ext/sqlite3/tests/sqlite3_21_security.phpt b/ext/sqlite3/tests/sqlite3_21_security.phpt
index 5061a595c3eb5c6704786f3b42b5298e46898060..7e83bb23e1534efc1026a9eab231c4ab89810f54 100644 (file)
--- a/ext/sqlite3/tests/sqlite3_21_security.phpt
+++ b/ext/sqlite3/tests/sqlite3_21_security.phpt
@@ -1,5 +1,5 @@
 --TEST--
-SQLite3 open_basedir / safe_mode checks
+SQLite3 open_basedir checks
 --SKIPIF--
 <?php require_once(dirname(__FILE__) . '/skipif.inc'); ?>
 --INI--

diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 6de4f629f6b2e6a26cd9a8a3582cbe38f09fc49b..cbfc0d938f8d16844809f1e476d98e875f6baf7e 100644 (file)
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -184,7 +184,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 
                php_basename(path_cleaned, path_cleaned_len, NULL, 0, &file_basename, (size_t *)&file_basename_len TSRMLS_CC);
 
-               if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) {
+               if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) {
                        efree(file_dirname_fullpath);
                        efree(file_basename);
                        free(new_state.cwd);
@@ -238,7 +238,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
         * is required, does a file can have a different
         * safemode status as its parent folder?
         */
-       if (OPENBASEDIR_CHECKPATH(fullpath)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(fullpath)) {
                efree(fullpath);
                efree(file_dirname_fullpath);
                efree(file_basename);
@@ -255,7 +255,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
                return 0;
        }
 
-#if (PHP_MAJOR_VERSION < 6)
+#if PHP_API_VERSION < 20100412
        stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
        stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS, NULL);
@@ -288,7 +288,7 @@ static int php_zip_add_file(struct zip *za, const char *filename, int filename_l
        char resolved_path[MAXPATHLEN];
 
 
-       if (OPENBASEDIR_CHECKPATH(filename)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
                return -1;
        }
 
@@ -530,7 +530,7 @@ int php_zip_glob(char *pattern, int pattern_len, long flags, zval *return_value
        /* we assume that any glob pattern will match files from one directory only
           so checking the dirname of the first match should be sufficient */
        strncpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN);
-       if (OPENBASEDIR_CHECKPATH(cwd)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(cwd)) {
                return -1;
        }
 
@@ -592,7 +592,7 @@ int php_zip_pcre(char *regexp, int regexp_len, char *path, int path_len, zval *r
        } 
 #endif
 
-       if (OPENBASEDIR_CHECKPATH(path)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(path)) {
                return -1;
        }
 
@@ -1148,7 +1148,7 @@ static PHP_NAMED_FUNCTION(zif_zip_open)
                RETURN_FALSE;
        }
 
-       if (OPENBASEDIR_CHECKPATH(filename)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
                RETURN_FALSE;
        }
 
@@ -1437,7 +1437,7 @@ static ZIPARCHIVE_METHOD(open)
                RETURN_FALSE;
        }
 
-       if (OPENBASEDIR_CHECKPATH(filename)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
                RETURN_FALSE;
        }
 

diff --git a/ext/zip/php_zip.h b/ext/zip/php_zip.h
index ac39a9ac85cd06c86316d38cb2752f41a54a5bdc..1d5f9b358a10704f4b71654101961cee959158ba 100644 (file)
--- a/ext/zip/php_zip.h
+++ b/ext/zip/php_zip.h
@@ -43,12 +43,12 @@ extern zend_module_entry zip_module_entry;
 # endif
 #endif
 
-/* {{{ OPENBASEDIR_CHECKPATH(filename) */
-#if (PHP_MAJOR_VERSION < 6)
-# define OPENBASEDIR_CHECKPATH(filename) \
+/* {{{ ZIP_OPENBASEDIR_CHECKPATH(filename) */
+#if PHP_API_VERSION < 20100412
+# define ZIP_OPENBASEDIR_CHECKPATH(filename) \
        (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)
 #else
-#define OPENBASEDIR_CHECKPATH(filename) \
+#define ZIP_OPENBASEDIR_CHECKPATH(filename) \
        php_check_open_basedir(filename TSRMLS_CC)
 #endif
 /* }}} */

diff --git a/ext/zip/zip_stream.c b/ext/zip/zip_stream.c
index bb676efb49c7d5e8902e27bc4694a787d9dfbdad..c535dd4f09af2aa63f43eca6702fddbabc840188 100644 (file)
--- a/ext/zip/zip_stream.c
+++ b/ext/zip/zip_stream.c
@@ -120,7 +120,7 @@ php_stream *php_stream_zip_open(char *filename, char *path, char *mode STREAMS_D
        }
 
        if (filename) {
-               if (OPENBASEDIR_CHECKPATH(filename)) {
+               if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
                        return NULL;
                }
 
@@ -201,7 +201,7 @@ php_stream *php_stream_zip_opener(php_stream_wrapper *wrapper,
        php_basename(path, path_len - fragment_len, NULL, 0, &file_basename, &file_basename_len TSRMLS_CC);
        fragment++;
 
-       if (OPENBASEDIR_CHECKPATH(file_dirname)) {
+       if (ZIP_OPENBASEDIR_CHECKPATH(file_dirname)) {
                efree(file_basename);
                return NULL;
        }