From 336ca133d3063e96b4624de5095db70e774076ce Mon Sep 17 00:00:00 2001
From: Stefan Esser <sesser@php.net>
Date: Sun, 23 Jun 2002 17:18:17 +0000
Subject: [PATCH] MFH: link/symlink safe_mode/open_base_dir fix

---
 ext/standard/link.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/ext/standard/link.c b/ext/standard/link.c
index 257d765909..23036067e7 100644
--- a/ext/standard/link.c
+++ b/ext/standard/link.c
@@ -114,6 +114,18 @@ PHP_FUNCTION(symlink)
 		RETURN_FALSE;
 	}
 
+	if (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(frompath), NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_PP(topath) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_PP(frompath) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
 	if (!strncasecmp(Z_STRVAL_PP(topath), "http://", 7) || !strncasecmp(Z_STRVAL_PP(topath), "ftp://", 6)) {
 		php_error(E_WARNING, "Unable to symlink to a URL");
 		RETURN_FALSE;
@@ -146,6 +158,18 @@ PHP_FUNCTION(link)
 		RETURN_FALSE;
 	}
 
+	if (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(frompath), NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_PP(topath) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
+	if (php_check_open_basedir(Z_STRVAL_PP(frompath) TSRMLS_CC)) {
+		RETURN_FALSE;
+	}
+
 	if (!strncasecmp(Z_STRVAL_PP(topath), "http://", 7) || !strncasecmp(Z_STRVAL_PP(topath), "ftp://", 6)) {
 		php_error(E_WARNING, "Unable to link to a URL");
 		RETURN_FALSE;
-- 
2.50.1