From: Ilia Alshanetsky Date: Sat, 16 Sep 2006 18:30:03 +0000 (+0000) Subject: Additional expand_filepath() checks X-Git-Tag: php-5.2.0RC5~146 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=92c3cfd81fcdc798171926ff1299fdfc83bf3f6f;p=php Additional expand_filepath() checks --- diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c index ebe3170ead..a3c9cd5911 100644 --- a/ext/pdo_sqlite/sqlite_driver.c +++ b/ext/pdo_sqlite/sqlite_driver.c @@ -642,6 +642,10 @@ static char *make_filename_safe(const char *filename TSRMLS_DC) if (strncmp(filename, ":memory:", sizeof(":memory:")-1)) { char *fullpath = expand_filepath(filename, NULL TSRMLS_CC); + if (!fullpath) { + return NULL; + } + if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { efree(fullpath); return NULL; diff --git a/ext/standard/link.c b/ext/standard/link.c index f29bb87294..1e9213df88 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -122,14 +122,15 @@ PHP_FUNCTION(symlink) convert_to_string_ex(topath); convert_to_string_ex(frompath); - expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC); - expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC); + if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) { + RETURN_FALSE; + } if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) || php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to symlink to a URL"); - RETURN_FALSE; + RETURN_FALSE; } if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { 
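Review bot: The guard `strncmp(filename, ":memory:", sizeof(":memory:")-1)` on the context line above the new NULL check is a prefix comparison, so any name that merely begins with `:memory:` skips this whole branch, including the new `fullpath` check and the safe_mode check after it. If only the exact in-memory name is meant to be exempt, the condition should be `if (strcmp(filename, ":memory:")) {`. What make_filename_safe does with a name that skips the branch lies outside the hunk, so confirm this against the rest of the function. The added `return NULL;` itself is fine and leaks nothing, since `fullpath` is NULL at that point.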
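Review bot: The new `expand_filepath()` failure branch in PHP_FUNCTION(symlink) returns FALSE with no diagnostic, while the URL-wrapper branch directly below it raises an E_WARNING first, so a script cannot tell why the call failed. I would add a warning before the `RETURN_FALSE;`, for example `php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory");`, with the wording left to the maintainers. The same applies to the identical branch added to PHP_FUNCTION(link) in the next hunk. The `- RETURN_FALSE; + RETURN_FALSE;` pair in both hunks looks like a whitespace-only change and would be easier to review if left out of this commit. Both function bodies continue outside their hunks.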
@@ -177,14 +178,15 @@ PHP_FUNCTION(link) convert_to_string_ex(topath); convert_to_string_ex(frompath); - expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC); - expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC); + if (!expand_filepath(Z_STRVAL_PP(frompath), source_p TSRMLS_CC) || !expand_filepath(Z_STRVAL_PP(topath), dest_p TSRMLS_CC)) { + RETURN_FALSE; + } if (php_stream_locate_url_wrapper(source_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) || php_stream_locate_url_wrapper(dest_p, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC) ) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to link to a URL"); - RETURN_FALSE; + RETURN_FALSE; } if (PG(safe_mode) && !php_checkuid(dest_p, NULL, CHECKUID_CHECK_FILE_AND_DIR)) {