- Fixed securities issue detailed in CVE-2008-2665 and CVE-2008-2666.

author Felipe Pena <felipe@php.net>

Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)

committer Felipe Pena <felipe@php.net>

Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)
author Felipe Pena <felipe@php.net>
Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)
committer Felipe Pena <felipe@php.net>
Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)
diff --git a/main/safe_mode.c b/main/safe_mode.c

index b791351c3b0046cadb33ddeabaa69d7793d1e363..d9d1a4f02b4acf5250d0573cf625f1e3edaff50f 100644 (file)
--- a/main/safe_mode.c
+++ b/main/safe_mode.c
@@ -73,14 +73,6 @@ PHPAPI int php_checkuid_ex(const char *filename, const char *fopen_mode, int mod
                         mode = CHECKUID_CHECK_FILE_AND_DIR;
                 }
         }
-
-       /* 
-        * If given filepath is a URL, allow - safe mode stuff
-        * related to URL's is checked in individual functions
-        */
-       wrapper = php_stream_locate_url_wrapper(filename, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC);
-       if (wrapper != NULL)
-               return 1;
                 
         /* First we see if the file is owned by the same user...
          * If that fails, passthrough and check directory...
author	Felipe Pena <felipe@php.net>
	Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)
committer	Felipe Pena <felipe@php.net>
	Mon, 21 Jul 2008 19:32:21 +0000 (19:32 +0000)