From: Felipe Pena <felipe@php.net>
Date: Tue, 15 Nov 2011 16:59:59 +0000 (+0000)
Subject: - Fixed bug #52624 (tempnam() by-pass open_basedir with inexistent directory)
X-Git-Tag: php-5.4.0RC2~73
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fb37f3b20d9b9e19a497c0784aea9db4be66595f;p=php

- Fixed bug #52624 (tempnam() by-pass open_basedir with inexistent directory)
---

diff --git a/NEWS b/NEWS
index 0e60c1e3d0..54e45362f2 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,8 @@ PHP                                                                        NEWS
 - Core:
   . Fixed bug #60227 (header() cannot detect the multi-line header with 
      CR(0x0D)). (rui)
+  . Fixed bug #52624 (tempnam() by-pass open_basedir with inexistent directory).
+    (Felipe)
 
 - OpenSSL:
   . Fixed bug #60279 (Fixed NULL pointer dereference in
diff --git a/ext/standard/file.c b/ext/standard/file.c
index e86b21c7a6..26000ea5a2 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -819,7 +819,7 @@ PHP_FUNCTION(tempnam)
 	
 	RETVAL_FALSE;
 
-	if ((fd = php_open_temporary_fd(dir, p, &opened_path TSRMLS_CC)) >= 0) {
+	if ((fd = php_open_temporary_fd_ex(dir, p, &opened_path, 1 TSRMLS_CC)) >= 0) {
 		close(fd);
 		RETVAL_STRING(opened_path, 0);
 	}
diff --git a/ext/standard/tests/file/bug52624.phpt b/ext/standard/tests/file/bug52624.phpt
new file mode 100644
index 0000000000..c8de0565d6
--- /dev/null
+++ b/ext/standard/tests/file/bug52624.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Bug #52624 (tempnam() by-pass open_basedir with inexistent directory)
+--INI--
+open_basedir=.
+--FILE--
+<?php
+
+echo tempnam("directory_that_not_exists", "prefix_");
+
+?>
+--EXPECTF--
+Warning: tempnam(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (%s) in %s on line %d