From: Andi Gutmans <andi@php.net>
Date: Sun, 19 Feb 2006 01:19:37 +0000 (+0000)
Subject: Nuke php_check_safe_mode_include_dir
X-Git-Tag: RELEASE_1_2~176
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d3f7bee047551e86c1fe0785b442ab0b3bc2475e;p=php

Nuke php_check_safe_mode_include_dir
---

diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index 992e846e57..5f99096a92 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -187,55 +187,6 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
 }
 /* }}} */
 
-/* {{{ php_check_safe_mode_include_dir
- */
-PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
-{
-	if (PG(safe_mode)) {
-		if (PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) {
-			char *pathbuf;
-			char *ptr;
-			char *end;
-			char resolved_name[MAXPATHLEN];
-
-			/* Resolve the real path into resolved_name */
-			if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
-				return -1;
-
-			pathbuf = estrdup(PG(safe_mode_include_dir));
-
-			ptr = pathbuf;
-
-			while (ptr && *ptr) {
-				end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
-				if (end != NULL) {
-					*end = '\0';
-					end++;
-				}
-
-				/* Check the path */
-#ifdef PHP_WIN32
-				if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0)
-#else
-				if (strncmp(ptr, resolved_name, strlen(ptr)) == 0)
-#endif
-				{
-					/* File is in the right directory */
-					efree(pathbuf);
-					return 0;
-				}
-
-				ptr = end;
-			}
-			efree(pathbuf);
-		}
-		return -1;
-	}
-
-	/* Nothing to check... */
-	return 0;
-}
-/* }}} */
 
 /* {{{ php_fopen_and_set_opened_path
  */
@@ -388,15 +339,8 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **
 	 */
 	
 	/* Absolute path open */
-	if (IS_ABSOLUTE_PATH(filename, filename_length)) {
-		if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
-			/* filename is in safe_mode_include_dir (or subdir) */
-			return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
-			
-		return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
-	}
-
-	if (!path || (path && !*path)) {
+	/* FIXME: Andi - Do we actually need the if()? */
+	if (IS_ABSOLUTE_PATH(filename, filename_length) || (!path || (path && !*path))) {
 		return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC);
 	}
 
@@ -434,20 +378,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **
 			end++;
 		}
 		snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
-		if (PG(safe_mode)) {
-			if (VCWD_STAT(trypath, &sb) == 0) {
-				/* file exists ... check permission */
-				if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
-						php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM))
-					/* UID ok, or trypath is in safe_mode_include_dir */
-					fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
-				else
-					fp = NULL;
-
-				efree(pathbuf);
-				return fp;
-			}
-		}
+		
 		fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC);
 		if (fp) {
 			efree(pathbuf);
diff --git a/main/fopen_wrappers.h b/main/fopen_wrappers.h
index d67d8bace0..020365470d 100644
--- a/main/fopen_wrappers.h
+++ b/main/fopen_wrappers.h
@@ -31,8 +31,6 @@ PHPAPI int php_check_open_basedir(const char *path TSRMLS_DC);
 PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC);
 PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path TSRMLS_DC);
 
-PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC);
-
 PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **opened_path TSRMLS_DC);
 
 PHPAPI int php_is_url(char *path);
diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c
index 12c708f11b..beb65d5ca1 100644
--- a/main/streams/plain_wrapper.c
+++ b/main/streams/plain_wrapper.c
@@ -1210,10 +1210,6 @@ not_relative_path:
 			return NULL;
 		}
 
-		if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
-			/* filename is in safe_mode_include_dir (or subdir) */
-			return php_stream_fopen_rel(filename, mode, opened_path, options);
-
 		return php_stream_fopen_rel(filename, mode, opened_path, options);
 	}
 	
@@ -1232,9 +1228,6 @@ not_relative_path:
 		if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) {
 			return NULL;
 		}
-		if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC)) == 0) {
-			return php_stream_fopen_rel(trypath, mode, opened_path, options);
-		}	
 
 		return php_stream_fopen_rel(trypath, mode, opened_path, options);
 	}
@@ -1289,19 +1282,6 @@ not_relative_path:
 			continue;
 		}
 		
-		if (PG(safe_mode)) {
-			if (VCWD_STAT(trypath, &sb) == 0) {
-				/* file exists ... check permission */
-				if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
-						php_checkuid_ex(trypath, mode, CHECKUID_CHECK_MODE_PARAM, CHECKUID_NO_ERRORS)) {
-					/* UID ok, or trypath is in safe_mode_include_dir */
-					stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
-					goto stream_done;
-				}
-			}
-			ptr = end;
-			continue;
-		}
 		stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
 		if (stream) {
 stream_done: