From dab8b811c28a1f9f45c7db717bf890dc9d9db97a Mon Sep 17 00:00:00 2001 From: Felipe Pena Date: Mon, 21 Jul 2008 19:32:21 +0000 Subject: [PATCH] - Fixed securities issue detailed in CVE-2008-2665 and CVE-2008-2666. (patch by Christian Hoffmann) --- main/safe_mode.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/main/safe_mode.c b/main/safe_mode.c index b791351c3b..d9d1a4f02b 100644 --- a/main/safe_mode.c +++ b/main/safe_mode.c @@ -73,14 +73,6 @@ PHPAPI int php_checkuid_ex(const char *filename, const char *fopen_mode, int mod mode = CHECKUID_CHECK_FILE_AND_DIR; } } - - /* - * If given filepath is a URL, allow - safe mode stuff - * related to URL's is checked in individual functions - */ - wrapper = php_stream_locate_url_wrapper(filename, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC); - if (wrapper != NULL) - return 1; /* First we see if the file is owned by the same user... * If that fails, passthrough and check directory... -- 2.50.1