File php-5.1.2-save_path-secfix.patch of Package php
--- Zend/zend_operators.h
+++ Zend/zend_operators.h
@@ -159,6 +159,18 @@
 return NULL;
 }
+static inline void *zend_memrchr(const void *s, int c, size_t n)
+{
+ register unsigned char *e = (unsigned char *)s + n;
+
+ for (e--; e >= (unsigned char *)s; e--) {
+ if (*e == (unsigned char)c) {
+ return (void *)e;
+ }
+ }
+
+ return NULL;
+}
 BEGIN_EXTERN_C()
 ZEND_API int increment_function(zval *op1);
--- ext/session/session.c
+++ ext/session/session.c
@@ -133,18 +133,30 @@
 static PHP_INI_MH(OnUpdateSaveDir)
 {
- /* Only do the safemode/open_basedir check at runtime */
- if (stage == PHP_INI_STAGE_RUNTIME) {
- if (PG(safe_mode) && (!php_checkuid(new_value, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
- return FAILURE;
- }
-
- if (php_check_open_basedir(new_value TSRMLS_CC)) {
- return FAILURE;
- }
- }
- OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
- return SUCCESS;
+ /* Only do the safemode/open_basedir check at runtime */
+ if (stage == PHP_INI_STAGE_RUNTIME) {
+ char *p;
+
+ if (memchr(new_value, '\0', new_value_length) != NULL) {
+ return FAILURE;
+ }
+
+ if ((p = zend_memrchr(new_value, ';', new_value_length))) {
+ p++;
+ } else {
+ p = new_value;
+ }
+
+ if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ return FAILURE;
+ }
+
+ if (php_check_open_basedir(p TSRMLS_CC)) {
+ return FAILURE;
+ }
+ }
+ OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
+ return SUCCESS;
 }
 /* {{{ PHP_INI
--- ext/standard/basic_functions.c
+++ ext/standard/basic_functions.c
@@ -2667,7 +2667,6 @@
 _CHECK_PATH(varname, "java.class.path") ||
 _CHECK_PATH(varname, "java.home") ||
 _CHECK_PATH(varname, "java.library.path") ||
- _CHECK_PATH(varname, "session.save_path") ||
 _CHECK_PATH(varname, "vpopmail.directory")) {
 if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(new_value), NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 zval_dtor(return_value);
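Review bot: The loop in `zend_memrchr` moves `e` one element below `s` before it stops: the initial `e--` does so when `n` is 0, and the final `e--` does so on every miss. Forming or comparing a pointer before the start of the object is undefined behaviour in C, so `e >= (unsigned char *)s` is not a dependable exit test. Testing before decrementing avoids it: `while (e > (unsigned char *)s) { if (*--e == (unsigned char)c) return (void *)e; }`. The declaration of `e` also casts away the `const` of `s`; keeping `e` as `const unsigned char *` until the return would be cleaner. Because the helper sits in a widely included header, I would add a comment such as `/* last occurrence of c in the first n bytes of s, or NULL */`.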
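Review bot: The safe_mode and open_basedir checks in `OnUpdateSaveDir` now validate only the text after the last `;` (`p`), while `OnUpdateString` stores the full `new_value`, so the check is sound only if the session save handler takes its directory from the same position. That parser is not part of this patch; if it splits from the front and treats the remainder as the path, the checked path and the path actually used could differ for values with extra `;` characters. I would reject values with more separators than the `N;MODE;/path` form, or at least add `/* path = last ';'-separated field; must match the save handler's parsing */` above the `zend_memrchr` call. The checks also still run only when `stage == PHP_INI_STAGE_RUNTIME`, so a value supplied at any other stage is not validated here. Since the hunk in ext/standard/basic_functions.c drops `session.save_path` from its `_CHECK_PATH` list, this handler appears to become the only place the path is checked.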