From: Ilia Alshanetsky <iliaa@php.net>
Date: Thu, 4 Jan 2007 23:49:35 +0000 (+0000)
Subject: Added missing open_basedir checks
X-Git-Tag: php-5.2.1RC2~2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7ba84b8807eddac346df75fcaea0f6ad3295712c;p=php

Added missing open_basedir checks
---

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index f25d15dd2f..df677bb388 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -251,6 +251,13 @@ PS_OPEN_FUNC(files)
 	if (*save_path == '\0') {
 		/* if save path is an empty string, determine the temporary dir */
 		save_path = php_get_temporary_directory();
+
+		if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+			return FAILURE;
+		}
+		if (php_check_open_basedir(save_path TSRMLS_CC)) {
+			return FAILURE;
+		}
 	}
 	
 	/* split up input parameter */