 |
 |
 |
 |
|
|
Date: 07/30/98
- Next message: jah: "[PHP-DEV] CVS update: php3"
- Previous message: Rasmus Lerdorf: "Re: [PHP-DEV] CVS update: imapd"
- Next in thread: jah: "[PHP-DEV] CVS update: php3/functions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thursday July 30, 1998 @ 18:14
Author: steffann
Update of /repository/php3/functions
In directory asf:/tmp/cvs-serv19047/functions
Modified Files:
db.c dbase.c filepro.c
Log Message:
Added safe_mode and fopen_basedir support to db, dbase and filepro
Index: php3/functions/db.c
diff -c php3/functions/db.c:1.73 php3/functions/db.c:1.74
*** php3/functions/db.c:1.73 Thu Jul 2 12:18:50 1998
--- php3/functions/db.c Thu Jul 30 18:14:32 1998
***************
*** 28,34 ****
+----------------------------------------------------------------------+
*/
! /* $Id: db.c,v 1.73 1998/07/02 16:18:50 rasmus Exp $ */
#if COMPILE_DL
#include "dl/phpdl.h"
#endif
--- 28,34 ----
+----------------------------------------------------------------------+
*/
! /* $Id: db.c,v 1.74 1998/07/30 22:14:32 steffann Exp $ */
#if COMPILE_DL
#include "dl/phpdl.h"
#endif
***************
*** 36,41 ****
--- 36,43 ----
#include "php.h"
#include "internal_functions.h"
#include "php3_list.h"
+ #include "safe_mode.h"
+ #include "fopen_wrappers.h"
#include <stdlib.h>
#include <string.h>
***************
*** 291,296 ****
--- 293,307 ----
if (filename == NULL) {
php3_error(E_WARNING, "NULL filename passed to _php3_dbmopen()");
+ return NULL;
+ }
+
+ if (php3_ini.safe_mode && (!_php3_checkuid(filename, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ return NULL;
+ }
+
+ if (_php3_check_fopen_basedir(filename)) {
return NULL;
}
Index: php3/functions/dbase.c
diff -c php3/functions/dbase.c:1.60 php3/functions/dbase.c:1.61
*** php3/functions/dbase.c:1.60 Mon Jun 22 16:28:30 1998
--- php3/functions/dbase.c Thu Jul 30 18:14:32 1998
***************
*** 38,43 ****
--- 38,45 ----
#include "php.h"
#include "internal_functions.h"
#include "php3_list.h"
+ #include "safe_mode.h"
+ #include "fopen_wrappers.h"
#if DBASE
#include "../dbase/dbf.h"
***************
*** 127,132 ****
--- 129,143 ----
convert_to_string(dbf_name);
convert_to_long(options);
+ if (php3_ini.safe_mode && (!_php3_checkuid(dbf_name->value.str.val, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ RETURN_FALSE;
+ }
+
+ if (_php_check_fopen_basedir(dbf_name->value.str.val)) {
+ RETURN_FALSE;
+ }
+
dbh = dbf_open(dbf_name->value.str.val, options->value.lval);
if (dbh == NULL) {
php3_error(E_WARNING, "unable to open database %s", dbf_name->value.str.val);
***************
*** 403,408 ****
--- 414,428 ----
if (fields->type != IS_ARRAY) {
php3_error(E_WARNING, "Expected array as second parameter");
+ RETURN_FALSE;
+ }
+
+ if (php3_ini.safe_mode && (!_php3_checkuid(filename->value.str.val, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ RETURN_FALSE;
+ }
+
+ if (_php_check_fopen_basedir(filename->value.str.val)) {
RETURN_FALSE;
}
Index: php3/functions/filepro.c
diff -c php3/functions/filepro.c:1.29 php3/functions/filepro.c:1.30
*** php3/functions/filepro.c:1.29 Thu May 21 19:57:28 1998
--- php3/functions/filepro.c Thu Jul 30 18:14:33 1998
***************
*** 38,43 ****
--- 38,45 ----
#endif
#include "php.h"
#include "internal_functions.h"
+ #include "safe_mode.h"
+ #include "fopen_wrappers.h"
#include <string.h>
#if MSVC5
#include <windows.h>
***************
*** 209,214 ****
--- 211,226 ----
FP_GLOBAL(fp_keysize) = -1;
sprintf(workbuf, "%s/map", dir->value.str.val);
+
+ if (php3_ini.safe_mode && (!_php3_checkuid(workbuf, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ RETURN_FALSE;
+ }
+
+ if (_php_check_fopen_basedir(workbuf)) {
+ RETURN_FALSE;
+ }
+
if (!(fp = fopen(workbuf, "r"))) {
php3_error(E_WARNING, "filePro: cannot open map: [%d] %s",
errno, strerror(errno));
***************
*** 295,300 ****
--- 307,322 ----
/* Now read the records in, moving forward recsize-1 bytes each time */
sprintf(workbuf, "%s/key", FP_GLOBAL(fp_database));
+
+ if (php3_ini.safe_mode && (!_php3_checkuid(workbuf, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ RETURN_FALSE;
+ }
+
+ if (_php_check_fopen_basedir(workbuf)) {
+ RETURN_FALSE;
+ }
+
if (!(fp = fopen(workbuf, "r"))) {
php3_error(E_WARNING, "filePro: cannot open key: [%d] %s",
errno, strerror(errno));
***************
*** 495,500 ****
--- 517,532 ----
/* Now read the record in */
sprintf(workbuf, "%s/key", FP_GLOBAL(fp_database));
+
+ if (php3_ini.safe_mode && (!_php3_checkuid(workbuf, 2))) {
+ php3_error(E_WARNING, "SAFE MODE Restriction in effect. Invalid owner.");
+ RETURN_FALSE;
+ }
+
+ if (_php_check_fopen_basedir(workbuf)) {
+ RETURN_FALSE;
+ }
+
if (!(fp = fopen(workbuf, "r"))) {
php3_error(E_WARNING, "filePro: cannot open key: [%d] %s",
errno, strerror(errno));
- Next message: jah: "[PHP-DEV] CVS update: php3"
- Previous message: Rasmus Lerdorf: "Re: [PHP-DEV] CVS update: imapd"
- Next in thread: jah: "[PHP-DEV] CVS update: php3/functions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]