From 6e519895011ea3ef43ce62c1050e72337af94b79 Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Tue, 15 May 2012 22:35:43 -0700 Subject: [PATCH] fd fix --- NEWS | 4 ++++ ext/standard/php_fopen_wrapper.c | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/NEWS b/NEWS index 1057db7d84..990cc65018 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,7 @@ PHP NEWS . Fixed bug #61713 (Logic error in charset detection for htmlentities). (Anatoliy) . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy) + . Changed php://fd to be available only for CLI. - Fileinfo: . Fixed bug #61812 (Uninitialised value used in libmagic). @@ -35,6 +36,9 @@ PHP NEWS . Fixed bug #61755 (A parsing bug in the prepared statements can lead to access violations). (Johannes) +- Phar: + . Fix bug #61065 (Secunia SA44335). (Rasmus) + - Iconv extension: . Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv diff --git a/ext/standard/php_fopen_wrapper.c b/ext/standard/php_fopen_wrapper.c index a831dd1c16..b51aaa219f 100644 --- a/ext/standard/php_fopen_wrapper.c +++ b/ext/standard/php_fopen_wrapper.c @@ -263,6 +263,20 @@ php_stream * php_stream_url_wrap_php(php_stream_wrapper *wrapper, char *path, ch long fildes_ori; int dtablesize; + if (strcmp(sapi_module.name, "cli")) { + if (options & REPORT_ERRORS) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Direct access to file descriptors is only available from command-line PHP"); + } + return NULL; + } + + if ((options & STREAM_OPEN_FOR_INCLUDE) && !PG(allow_url_include) ) { + if (options & REPORT_ERRORS) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL file-access is disabled in the server configuration"); + } + return NULL; + } + start = &path[3]; fildes_ori = strtol(start, &end, 10); if (end == start || *end != '\0') { -- 2.40.0