From: Stanislav Malyshev Date: Sun, 31 Jul 2011 22:43:21 +0000 (+0000) Subject: retore open_basedir check for unlink X-Git-Tag: php-5.4.0alpha3~20 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fa78f7a4c0452e3c72dcfc5f927c0363d4dd97ee;p=php retore open_basedir check for unlink --- diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 8303adb5b1..423b4b30e4 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -113,7 +113,7 @@ typedef struct { unsigned is_pipe:1; /* don't try and seek */ unsigned cached_fstat:1; /* sb is valid */ unsigned _reserved:29; - + int lock_flag; /* stores the lock state */ char *temp_file_name; /* if non-null, this is the path to a temporary file that * is to be deleted when the stream is closed */ @@ -139,7 +139,7 @@ static int do_fstat(php_stdio_stream_data *d, int force) if (!d->cached_fstat || force) { int fd; int r; - + PHP_STDIOP_GET_FD(fd, d); r = fstat(fd, &d->sb); d->cached_fstat = r == 0; @@ -152,7 +152,7 @@ static int do_fstat(php_stdio_stream_data *d, int force) static php_stream *_php_stream_fopen_from_fd_int(int fd, const char *mode, const char *persistent_id STREAMS_DC TSRMLS_DC) { php_stdio_stream_data *self; - + self = pemalloc_rel_orig(sizeof(*self), persistent_id); memset(self, 0, sizeof(*self)); self->file = NULL; @@ -161,14 +161,14 @@ static php_stream *_php_stream_fopen_from_fd_int(int fd, const char *mode, const self->is_process_pipe = 0; self->temp_file_name = NULL; self->fd = fd; - + return php_stream_alloc_rel(&php_stream_stdio_ops, self, persistent_id, mode); } static php_stream *_php_stream_fopen_from_file_int(FILE *file, const char *mode STREAMS_DC TSRMLS_DC) { php_stdio_stream_data *self; - + self = emalloc_rel_orig(sizeof(*self)); memset(self, 0, sizeof(*self)); self->file = file; @@ -213,7 +213,7 @@ PHPAPI php_stream *_php_stream_fopen_tmpfile(int dummy STREAMS_DC TSRMLS_DC) self->temp_file_name = opened_path; self->lock_flag = LOCK_UN; - + return stream; } close(fd); @@ -246,7 +246,7 @@ PHPAPI php_stream *_php_stream_fopen_from_fd(int fd, const char *mode, const cha } } #endif - + if (self->is_pipe) { stream->flags |= PHP_STREAM_FLAG_NO_SEEK; } else { @@ -285,7 +285,7 @@ PHPAPI php_stream *_php_stream_fopen_from_file(FILE *file, const char *mode STRE } } #endif - + if (self->is_pipe) { stream->flags |= PHP_STREAM_FLAG_NO_SEEK; } else { @@ -354,9 +354,9 @@ static size_t php_stdiop_read(php_stream *stream, char *buf, size_t count TSRMLS so script can retry if desired */ ret = read(data->fd, buf, count); } - + stream->eof = (ret == 0 || (ret == (size_t)-1 && errno != EWOULDBLOCK && errno != EINTR && errno != EBADF)); - + } else { #if HAVE_FLUSHIO if (!data->is_pipe && data->last_op == 'w') @@ -393,7 +393,7 @@ static int php_stdiop_close(php_stream *stream, int close_handle TSRMLS_DC) data->file_mapping = NULL; } #endif - + if (close_handle) { if (data->file) { if (data->is_process_pipe) { @@ -463,14 +463,14 @@ static int php_stdiop_seek(php_stream *stream, off_t offset, int whence, off_t * if (data->fd >= 0) { off_t result; - + result = lseek(data->fd, offset, whence); if (result == (off_t)-1) return -1; *newoffset = result; return 0; - + } else { ret = fseek(data->file, offset, whence); *newoffset = ftell(data->file); @@ -484,7 +484,7 @@ static int php_stdiop_cast(php_stream *stream, int castas, void **ret TSRMLS_DC) php_stdio_stream_data *data = (php_stdio_stream_data*) stream->abstract; assert(data != NULL); - + /* as soon as someone touches the stdio layer, buffering may ensue, * so we need to stop using the fd directly in that case */ @@ -502,7 +502,7 @@ static int php_stdiop_cast(php_stream *stream, int castas, void **ret TSRMLS_DC) return FAILURE; } } - + *(FILE**)ret = data->file; data->fd = -1; } @@ -558,9 +558,9 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void int flags; int oldval; #endif - + PHP_STDIOP_GET_FD(fd, data); - + switch(option) { case PHP_STREAM_OPTION_BLOCKING: if (fd == -1) @@ -572,20 +572,20 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void flags &= ~O_NONBLOCK; else flags |= O_NONBLOCK; - + if (-1 == fcntl(fd, F_SETFL, flags)) return -1; return oldval; #else return -1; /* not yet implemented */ #endif - + case PHP_STREAM_OPTION_WRITE_BUFFER: if (data->file == NULL) { return -1; } - + if (ptrparam) size = *(size_t *)ptrparam; else @@ -594,10 +594,10 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void switch(value) { case PHP_STREAM_BUFFER_NONE: return setvbuf(data->file, NULL, _IONBF, 0); - + case PHP_STREAM_BUFFER_LINE: return setvbuf(data->file, NULL, _IOLBF, size); - + case PHP_STREAM_BUFFER_FULL: return setvbuf(data->file, NULL, _IOFBF, size); @@ -605,7 +605,7 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void return -1; } break; - + case PHP_STREAM_OPTION_LOCKING: if (fd == -1) { return -1; @@ -628,7 +628,7 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void { php_stream_mmap_range *range = (php_stream_mmap_range*)ptrparam; int prot, flags; - + switch (value) { case PHP_STREAM_MMAP_SUPPORTED: return fd == -1 ? PHP_STREAM_OPTION_RETURN_ERR : PHP_STREAM_OPTION_RETURN_OK; @@ -793,7 +793,7 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void return ftruncate(fd, new_size) == 0 ? PHP_STREAM_OPTION_RETURN_OK : PHP_STREAM_OPTION_RETURN_ERR; } } - + default: return PHP_STREAM_OPTION_RETURN_NOTIMPL; } @@ -866,7 +866,7 @@ static php_stream *php_plain_files_dir_opener(php_stream_wrapper *wrapper, char if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(path TSRMLS_CC)) { return NULL; } - + dir = VCWD_OPENDIR(path); #ifdef PHP_WIN32 @@ -884,7 +884,7 @@ static php_stream *php_plain_files_dir_opener(php_stream_wrapper *wrapper, char if (stream == NULL) closedir(dir); } - + return stream; } /* }}} */ @@ -932,7 +932,7 @@ PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, cha return ret; } } - + fd = open(realpath, open_flags, 0666); if (fd != -1) { @@ -1035,6 +1035,10 @@ static int php_plain_files_unlink(php_stream_wrapper *wrapper, char *url, int op url = p + 3; } + if (php_check_open_basedir(url TSRMLS_CC)) { + return 0; + } + ret = VCWD_UNLINK(url); if (ret == -1) { if (options & REPORT_ERRORS) { @@ -1165,7 +1169,7 @@ static int php_plain_files_mkdir(php_stream_wrapper *wrapper, char *dir, int mod } if (p && dir_len == 1) { - /* buf == "DEFAULT_SLASH" */ + /* buf == "DEFAULT_SLASH" */ } else { /* find a top level directory we need to create */ @@ -1405,7 +1409,7 @@ not_relative_path: return php_stream_fopen_rel(filename, mode, opened_path, options); } - + #ifdef PHP_WIN32 if (IS_SLASH(filename[0])) { size_t cwd_len; @@ -1413,17 +1417,17 @@ not_relative_path: cwd = virtual_getcwd_ex(&cwd_len TSRMLS_CC); /* getcwd() will return always return [DRIVE_LETTER]:/) on windows. */ *(cwd+3) = '\0'; - + if (snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename) >= MAXPATHLEN) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", cwd, filename, MAXPATHLEN); } - + free(cwd); - + if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir(trypath TSRMLS_CC)) { return NULL; } - + return php_stream_fopen_rel(trypath, mode, opened_path, options); } #endif @@ -1475,7 +1479,7 @@ not_relative_path: if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) { goto stream_skip; } - + stream = php_stream_fopen_rel(trypath, mode, opened_path, options); if (stream) { efree(pathbuf);