From fb37f3b20d9b9e19a497c0784aea9db4be66595f Mon Sep 17 00:00:00 2001 From: Felipe Pena Date: Tue, 15 Nov 2011 16:59:59 +0000 Subject: [PATCH] - Fixed bug #52624 (tempnam() by-pass open_basedir with inexistent directory) --- NEWS | 2 ++ ext/standard/file.c | 2 +- ext/standard/tests/file/bug52624.phpt | 12 ++++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 ext/standard/tests/file/bug52624.phpt diff --git a/NEWS b/NEWS index 0e60c1e3d0..54e45362f2 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,8 @@ PHP NEWS - Core: . Fixed bug #60227 (header() cannot detect the multi-line header with CR(0x0D)). (rui) + . Fixed bug #52624 (tempnam() by-pass open_basedir with inexistent directory). + (Felipe) - OpenSSL: . Fixed bug #60279 (Fixed NULL pointer dereference in diff --git a/ext/standard/file.c b/ext/standard/file.c index e86b21c7a6..26000ea5a2 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -819,7 +819,7 @@ PHP_FUNCTION(tempnam) RETVAL_FALSE; - if ((fd = php_open_temporary_fd(dir, p, &opened_path TSRMLS_CC)) >= 0) { + if ((fd = php_open_temporary_fd_ex(dir, p, &opened_path, 1 TSRMLS_CC)) >= 0) { close(fd); RETVAL_STRING(opened_path, 0); } diff --git a/ext/standard/tests/file/bug52624.phpt b/ext/standard/tests/file/bug52624.phpt new file mode 100644 index 0000000000..c8de0565d6 --- /dev/null +++ b/ext/standard/tests/file/bug52624.phpt @@ -0,0 +1,12 @@ +--TEST-- +Bug #52624 (tempnam() by-pass open_basedir with inexistent directory) +--INI-- +open_basedir=. +--FILE-- + +--EXPECTF-- +Warning: tempnam(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (%s) in %s on line %d -- 2.50.1