|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2003-12-17 12:12 UTC] eddyleo777 at hotmail dot com
Description:
------------
test.php
<?php
fopen("c:/apache/user_security/passwd", "r");
?>
php.ini
open_basedir = "c:\apache\user\" ;work
open_basedir = "c:/apache/user" ;it does not work
open_basedir = "c:/apache/user/" ;it does not work
Reproduce code:
---------------
php4-200312171430/main/fopen_wrappers.c on line 133
/* Handler for basedirs that end with a / */
if (basedir[strlen(basedir)-1] == PHP_DIR_SEPARATOR) {
resolved_basedir_len = strlen(resolved_basedir);
resolved_basedir[resolved_basedir_len] = '/';
resolved_basedir[++resolved_basedir_len] = '\0';
} else {
resolved_basedir_len = strlen(resolved_basedir);
}
if (path[strlen(path)-1] == PHP_DIR_SEPARATOR) {
resolved_name_len = strlen(resolved_name);
resolved_name[resolved_name_len] = '/';
resolved_name[++resolved_name_len] = '\0';
}
Expected result:
----------------
the introduced solution not work.
interpret this possible solution please.
php4-200312171430/main/fopen_wrappers.c on line 133
/* Handler for basedirs that end with a / */
if (???is_dir???(resolved_basedir)) {
resolved_basedir_len = strlen(resolved_basedir);
resolved_basedir[resolved_basedir_len] =PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
} else {
resolved_basedir_len = strlen(resolved_basedir);
}
if (???is_dir???(resolved_name)) {
resolved_name_len = strlen(resolved_name);
resolved_name[resolved_name_len] = PHP_DIR_SEPARATOR;
resolved_name[++resolved_name_len] = '\0';
}
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sun Dec 22 03:01:28 2024 UTC |
When the value in php.ini has no trailing slash or a slash which differs from the value of PHP_DIR_SEPARATOR the condition on line 135 against the path fails, causing the function not to add the trailing slash to the resolved_basedir value. I also noticed that if the condition was to work it would only append / to the resolved_basedir / resolved_name when it should in fact append PHP_DIR_SEPARATOR. Patch --- diff -u fopen_wrappers.c fopen_wrappers.c.patched --- fopen_wrappers.c 2004-02-09 22:47:35.000000000 +0000 +++ fopen_wrappers.c.patched 2004-02-09 22:49:14.000000000 +0000 @@ -132,15 +132,15 @@ if ((expand_filepath(path, resolved_name TSRMLS_CC) != NULL) && (expand_filepath(local_open_basedir, resolved_basedir TSRMLS_CC) != NULL)) { /* Handler for basedirs that end with a / */ resolved_basedir_len = strlen(resolved_basedir); - if (basedir[strlen(basedir)-1] == PHP_DIR_SEPARATOR && resolved_basedir[resolved_basedir_len -1] != PHP_DIR_SEPARATOR) { - resolved_basedir[resolved_basedir_len] = '/'; + if (resolved_basedir[resolved_basedir_len -1] != PHP_DIR_SEPARATOR) { + resolved_basedir[resolved_basedir_len] = PHP_DIR_SEPARATOR; resolved_basedir[++resolved_basedir_len] = '\0'; } if (path[strlen(path)-1] == PHP_DIR_SEPARATOR) { resolved_name_len = strlen(resolved_name); if (resolved_name[resolved_name_len - 1] != PHP_DIR_SEPARATOR) { - resolved_name[resolved_name_len] = '/'; + resolved_name[resolved_name_len] = PHP_DIR_SEPARATOR; resolved_name[++resolved_name_len] = '\0'; } }