From 890f7f46b40267663c10b59349a2c146cac95cfb Mon Sep 17 00:00:00 2001
From: Wez Furlong <wez@php.net>
Date: Sat, 22 Oct 2005 17:02:10 +0000
Subject: [PATCH] Fix #34957; file access checks should use VCWD_ACCESS()

---
 NEWS                                    |  1 +
 ext/standard/filestat.c                 | 32 ++++++++++++++++++++++++-
 main/streams/php_stream_plain_wrapper.h |  1 +
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 885d442c7b..4feddd9fd2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? Oct 2005, PHP 5.1 Release Candidate 4
+- Fixed bug #34957 (PHP doesn't respect ACLs for access checks). (Wez)
 - Fixed fgetcsv() and fputcsv() inconsistency. (Dmitry)
 - Fixed bug #34934 (offsetExists is not called from array_key_exists). (Dmitry)
 - Fixed bug #34905 (Digest authentication does not work with Apache 1). (Ilia)
diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c
index 3d628c7042..7628489018 100644
--- a/ext/standard/filestat.c
+++ b/ext/standard/filestat.c
@@ -543,6 +543,7 @@ PHP_FUNCTION(clearstatcache)
 #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK || (__t) == FS_LSTAT)
 #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS  || (__t) == FS_IS_W || (__t) == FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) == FS_IS_DIR || (__t) == FS_IS_LINK)
 #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t) == FS_IS_X)
+#define IS_ACCESS_CHECK(__t) (IS_ABLE_CHECK(type) || (__t) == FS_EXISTS)
 
 /* {{{ php_stat
  */
@@ -560,6 +561,35 @@ PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int typ
 		RETURN_FALSE;
 	}
 
+	if (IS_ACCESS_CHECK(type)) {
+		char *local;
+
+		if (php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC) == &php_plain_files_wrapper) {
+			switch (type) {
+#ifdef F_OK
+				case FS_EXISTS:
+					RETURN_BOOL(VCWD_ACCESS(local, F_OK) == 0);
+					break;
+#endif
+#ifdef W_OK
+				case FS_IS_W:
+					RETURN_BOOL(VCWD_ACCESS(local, W_OK) == 0);
+					break;
+#endif
+#ifdef R_OK
+				case FS_IS_R:
+					RETURN_BOOL(VCWD_ACCESS(local, R_OK) == 0);
+					break;
+#endif
+#ifdef X_OK
+				case FS_IS_X:
+					RETURN_BOOL(VCWD_ACCESS(local, X_OK) == 0);
+					break;
+#endif
+			}
+		}
+	}
+
 	if (IS_LINK_OPERATION(type)) {
 		flags |= PHP_STREAM_URL_STAT_LINK;
 	}
@@ -617,7 +647,7 @@ PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int typ
 		php_stream_wrapper *wrapper;
 
 		wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC);
-		if (wrapper && wrapper->wops && wrapper->wops->label && strcmp(wrapper->wops->label, "plainfile") == 0) {
+		if (wrapper == &php_plain_files_wrapper) {
 			if (type == FS_IS_X) {
 				xmask = S_IXROOT;
 			} else {
diff --git a/main/streams/php_stream_plain_wrapper.h b/main/streams/php_stream_plain_wrapper.h
index d44fb621c6..1d3374f98a 100644
--- a/main/streams/php_stream_plain_wrapper.h
+++ b/main/streams/php_stream_plain_wrapper.h
@@ -22,6 +22,7 @@
 
 /* operations for a plain file; use the php_stream_fopen_XXX funcs below */
 PHPAPI extern php_stream_ops php_stream_stdio_ops;
+PHPAPI extern php_stream_wrapper php_plain_files_wrapper;
 
 BEGIN_EXTERN_C()
 
-- 
2.50.1