From: Rasmus Lerdorf <rasmus@php.net>
Date: Sat, 11 May 2002 18:50:28 +0000 (+0000)
Subject: MFH - safe-mode show_source() fix
X-Git-Tag: php-4.2.1~11
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4caca1d6ebff2791bd1cc2348a660fb0fcb18221;p=php

MFH - safe-mode show_source() fix
---

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 2fae423907..26aef54e7b 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -1889,6 +1889,14 @@ PHP_FUNCTION(highlight_file)
 	}
 	convert_to_string(filename);
 
+	if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_P(filename), NULL, CHECKUID_ALLOW_ONLY_FILE))) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_P(filename) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
 	if (i) {
 		php_start_ob_buffer (NULL, 0, 1 TSRMLS_CC);
 	}