From e24c17f9b4ac1df3129e281f395b0896e41cf0c2 Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky <iliaa@php.net>
Date: Sun, 6 Jan 2008 17:12:44 +0000
Subject: [PATCH] MFB: Fixed a safe_mode bypass in cURL identified by
 Maksymilian Arciemowicz.

---
 ext/curl/interface.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index 97bacb3595..473839eada 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -173,7 +173,7 @@ static void _php_curl_close(zend_rsrc_list_entry *rsrc TSRMLS_DC);
 			php_curl_ret(__ret);											\
 		} 													\
 															\
-		if (!php_memnstr(str, tmp_url->path, strlen(tmp_url->path), str + len)) {				\
+		if (tmp_url->host || !php_memnstr(str, tmp_url->path, strlen(tmp_url->path), str + len)) {				\
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL '%s' contains unencoded control characters", str);	\
 			php_url_free(tmp_url); 																\
 			php_curl_ret(__ret);											\
-- 
2.50.1