From fc069fb51b3ca702fcff1aa846c5833af94b2ae7 Mon Sep 17 00:00:00 2001
From: Rasmus Lerdorf <rasmus@php.net>
Date: Sun, 23 Feb 2003 22:03:54 +0000
Subject: [PATCH] open_basedir fixes from David Saez

---
 main/fopen_wrappers.c |  2 +-
 main/streams.c        | 24 ++++++++++++++----------
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index c6781c8ce8..6f673f7bc0 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -192,7 +192,7 @@ PHPAPI int php_check_open_basedir(const char *path TSRMLS_DC)
 			ptr = end;
 		}
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, 
-			"open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, pathbuf);
+			"open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
 		efree(pathbuf);
 		errno = EPERM; /* we deny permission to open it */
 		return -1;
diff --git a/main/streams.c b/main/streams.c
index 4558ed8663..d709e3e024 100755
--- a/main/streams.c
+++ b/main/streams.c
@@ -1763,6 +1763,12 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 			end++;
 		}
 		snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename);
+
+		/* If file does not exist continue */
+		if (VCWD_STAT(trypath, &sb) != 0) {
+			ptr = end;
+			continue;
+		}
 		
 		if (php_check_open_basedir(trypath TSRMLS_CC)) {
 			stream = NULL;
@@ -1770,17 +1776,15 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 		}
 		
 		if (PG(safe_mode)) {
-			if (VCWD_STAT(trypath, &sb) == 0) {
-				/* file exists ... check permission */
-				if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
-						php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)) {
-					/* UID ok, or trypath is in safe_mode_include_dir */
-					stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
-				} else {
-					stream = NULL;
-				}
-				goto stream_done;
+			/* file exists ... check permission */
+			if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
+					php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)) {
+				/* UID ok, or trypath is in safe_mode_include_dir */
+				stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
+			} else {
+				stream = NULL;
 			}
+			goto stream_done;
 		}
 		stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
 		if (stream) {
-- 
2.40.0