From: Jani Taskinen Date: Tue, 9 Oct 2007 08:40:25 +0000 (+0000) Subject: ws + cs X-Git-Tag: RELEASE_2_0_0a1~1626 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c1c60fb7e2ad0d5564bfa5ad9e5d2a4e118c77f9;p=php ws + cs --- diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index ded6a54052..920de5e824 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -90,7 +90,7 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir) char *base = (char *) ts_resource(*((int *) mh_arg2)); #endif - p = (char **) (base+(size_t) mh_arg1); + p = (char **) (base + (size_t) mh_arg1); if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN) { /* We're in a PHP_INI_SYSTEM context, no restrictions */ @@ -98,8 +98,7 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir) return SUCCESS; } - - /* Elsewise, we're in runtime */ + /* Otherwise we're in runtime */ if (!*p || !**p) { /* open_basedir not set yet, go ahead and give it a value */ *p = new_value; @@ -138,9 +137,8 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir) /* {{{ php_check_specific_open_basedir When open_basedir is not NULL, check if the given filename is located in - open_basedir. Returns -1 if error or not in the open_basedir, else 0 - - When open_basedir is NULL, always return 0 + open_basedir. Returns -1 if error or not in the open_basedir, else 0. + When open_basedir is NULL, always return 0. */ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC) { @@ -153,7 +151,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path int resolved_name_len; int path_len; int nesting_level = 0; - + /* Special case basedir==".": Use script-directory */ if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) { /* Else use the unmodified path */ @@ -170,7 +168,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) { return -1; } - + path_len = strlen(resolved_name); memcpy(path_tmp, resolved_name, path_len + 1); /* safe */ @@ -179,7 +177,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path if (nesting_level == 0) { int ret; char buf[MAXPATHLEN]; - + ret = readlink(path_tmp, buf, MAXPATHLEN - 1); if (ret < 0) { /* not a broken symlink, move along.. */ @@ -206,7 +204,7 @@ PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path path_len = path_file - path_tmp + 1; #if defined(PHP_WIN32) || defined(NETWARE) if (path_len > 1 && path_tmp[path_len - 2] == ':') { - /* this is c:\, */ + /* this is c:\ */ path_tmp[path_len] = '\0'; } else { path_tmp[path_len - 1] = '\0'; @@ -299,8 +297,7 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC) ptr = end; } if (warn) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, - "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir)); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir)); } efree(pathbuf); errno = EPERM; /* we deny permission to open it */ @@ -359,7 +356,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC) if (pwbuflen < 1) { return FAILURE; } - + pwbuf = emalloc(pwbuflen); #endif length = s - (path_info + 2); @@ -377,8 +374,7 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC) pw = getpwnam(user); #endif if (pw && pw->pw_dir) { - spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, - PG(user_dir), PHP_DIR_SEPARATOR, s+1); /* Safe */ + spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */ STR_FREE(SG(request_info).path_translated); SG(request_info).path_translated = filename; } @@ -409,9 +405,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC) if (!filename) { /* we have to free SG(request_info).path_translated here because - php_destroy_request_info assumes that it will get - freed when the include_names hash is emptied, but - we're not adding it in this case */ + * php_destroy_request_info assumes that it will get + * freed when the include_names hash is emptied, but + * we're not adding it in this case */ STR_FREE(SG(request_info).path_translated); SG(request_info).path_translated = NULL; return FAILURE; @@ -434,9 +430,9 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC) file_handle->opened_path = expand_filepath(filename, NULL TSRMLS_CC); - if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) { + if (!(SG(options) & SAPI_OPTION_NO_CHDIR)) { VCWD_CHDIR_FILE(filename); - } + } SG(request_info).path_translated = filename; file_handle->filename = SG(request_info).path_translated; @@ -465,20 +461,20 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c if (opened_path) { *opened_path = NULL; } - - if(!filename) { + + if (!filename) { return NULL; } filename_length = strlen(filename); - + /* Relative path open */ if (*filename == '.') { return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } - + /* Absolute path open */ - /* FIXME: Andi - Do we actually need the if()? */ + /* FIXME: Andi - Do we actually need the if ()? */ if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) { return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } @@ -493,16 +489,15 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c path_length = strlen(path); while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length])); - if ((exec_fname && exec_fname[0] == '[') - || exec_fname_length<=0) { + if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) { /* [no active file] or no path */ pathbuf = estrdup(path); - } else { - pathbuf = (char *) emalloc(exec_fname_length + path_length +1 +1); + } else { + pathbuf = (char *) emalloc(exec_fname_length + path_length + 1 + 1); memcpy(pathbuf, path, path_length); pathbuf[path_length] = DEFAULT_DIR_SEPARATOR; - memcpy(pathbuf+path_length+1, exec_fname, exec_fname_length); - pathbuf[path_length + exec_fname_length +1] = '\0'; + memcpy(pathbuf + path_length + 1, exec_fname, exec_fname_length); + pathbuf[path_length + exec_fname_length + 1] = '\0'; } } else { pathbuf = estrdup(path); @@ -517,7 +512,7 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c end++; } snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); - + fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); if (fp) { efree(pathbuf); @@ -530,29 +525,29 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c return NULL; } /* }}} */ - + /* {{{ php_strip_url_passwd */ PHPAPI char *php_strip_url_passwd(char *url) { register char *p, *url_start; - + if (url == NULL) { return ""; } - + p = url; - + while (*p) { - if (*p==':' && *(p+1)=='/' && *(p+2)=='/') { + if (*p == ':' && *(p + 1) == '/' && *(p + 2) == '/') { /* found protocol */ - url_start = p = p+3; - + url_start = p = p + 3; + while (*p) { - if (*p=='@') { + if (*p == '@') { int i; - - for (i=0; i<3 && url_startMAXPATHLEN-1?MAXPATHLEN-1:strlen(filepath); - real_path = estrndup(filepath, copy_len); - return real_path; - } - } - else { - cwd[0] = '\0'; - } - } + if (!filepath[0]) { + return NULL; + } else if (IS_ABSOLUTE_PATH(filepath, strlen(filepath))) { + cwd[0] = '\0'; + } else { + const char *iam = SG(request_info).path_translated; + char *result = VCWD_GETCWD(cwd, MAXPATHLEN); + + if (!result && (iam != filepath)) { + int fdtest = -1; + + fdtest = VCWD_OPEN(filepath, O_RDONLY); + if (fdtest != -1) { + /* return a relative file path if for any reason + * we cannot cannot getcwd() and the requested, + * relatively referenced file is accessible */ + copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath); + real_path = estrndup(filepath, copy_len); + return real_path; + } + } else { + cwd[0] = '\0'; + } + } new_state.cwd = strdup(cwd); new_state.cwd_length = strlen(cwd); - if(virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) { + if (virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) { free(new_state.cwd); return NULL; } - if(real_path) { - int copy_len = new_state.cwd_length>MAXPATHLEN-1?MAXPATHLEN-1:new_state.cwd_length; + if (real_path) { + copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length; memcpy(real_path, new_state.cwd, copy_len); - real_path[copy_len]='\0'; + real_path[copy_len] = '\0'; } else { real_path = estrndup(new_state.cwd, new_state.cwd_length); }