}
/* }}} */
-/* {{{ php_check_safe_mode_include_dir
- */
-PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
-{
- if (PG(safe_mode)) {
- if (PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) {
- char *pathbuf;
- char *ptr;
- char *end;
- char resolved_name[MAXPATHLEN];
-
- /* Resolve the real path into resolved_name */
- if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
- return -1;
-
- pathbuf = estrdup(PG(safe_mode_include_dir));
-
- ptr = pathbuf;
-
- while (ptr && *ptr) {
- end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
- if (end != NULL) {
- *end = '\0';
- end++;
- }
-
- /* Check the path */
-#ifdef PHP_WIN32
- if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0)
-#else
- if (strncmp(ptr, resolved_name, strlen(ptr)) == 0)
-#endif
- {
- /* File is in the right directory */
- efree(pathbuf);
- return 0;
- }
-
- ptr = end;
- }
- efree(pathbuf);
- }
- return -1;
- }
-
- /* Nothing to check... */
- return 0;
-}
-/* }}} */
/* {{{ php_fopen_and_set_opened_path
*/
*/
/* Absolute path open */
- if (IS_ABSOLUTE_PATH(filename, filename_length)) {
- if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
- /* filename is in safe_mode_include_dir (or subdir) */
- return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
-
- return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
- }
-
- if (!path || (path && !*path)) {
+ /* FIXME: Andi - Do we actually need the if()? */
+ if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) {
return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
}
end++;
}
snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
- if (PG(safe_mode)) {
- if (VCWD_STAT(trypath, &sb) == 0) {
- /* file exists ... check permission */
- if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
- php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))
- /* UID ok, or trypath is in safe_mode_include_dir */
- fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
- else
- fp = NULL;
-
- efree(pathbuf);
- return fp;
- }
- }
+
fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
if (fp) {
efree(pathbuf);
PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC);
PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC);
-PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC);
-
PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **opened_path TSRMLS_DC);
PHPAPI int php_is_url(char *path);
return NULL;
}
- if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
- /* filename is in safe_mode_include_dir (or subdir) */
- return php_stream_fopen_rel(filename, mode, opened_path, options);
-
return php_stream_fopen_rel(filename, mode, opened_path, options);
}
if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) {
return NULL;
}
- if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC)) == 0) {
- return php_stream_fopen_rel(trypath, mode, opened_path, options);
- }
return php_stream_fopen_rel(trypath, mode, opened_path, options);
}
continue;
}
- if (PG(safe_mode)) {
- if (VCWD_STAT(trypath, &sb) == 0) {
- /* file exists ... check permission */
- if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
- php_checkuid_ex(trypath, mode, CHECKUID_CHECK_MODE_PARAM, CHECKUID_NO_ERRORS)) {
- /* UID ok, or trypath is in safe_mode_include_dir */
- stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
- goto stream_done;
- }
- }
- ptr = end;
- continue;
- }
stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
if (stream) {
stream_done:
projects / php / commitdiff