--- embedaddon/php/main/fopen_wrappers.c 2012/02/21 23:48:05 1.1.1.1 +++ embedaddon/php/main/fopen_wrappers.c 2012/05/29 12:34:35 1.1.1.2 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: fopen_wrappers.c,v 1.1.1.1 2012/02/21 23:48:05 misho Exp $ */ +/* $Id: fopen_wrappers.c,v 1.1.1.2 2012/05/29 12:34:35 misho Exp $ */ /* {{{ includes */ @@ -39,7 +39,6 @@ #include #endif -#include "safe_mode.h" #include "ext/standard/head.h" #include "ext/standard/php_standard.h" #include "zend_compile.h" @@ -85,8 +84,13 @@ or a tightening during activation/runtime/deactivation PHPAPI ZEND_INI_MH(OnUpdateBaseDir) { char **p, *pathbuf, *ptr, *end; +#ifndef ZTS + char *base = (char *) mh_arg2; +#else + char *base = (char *) ts_resource(*((int *) mh_arg2)); +#endif - p = &PG(open_basedir); + p = (char **) (base + (size_t) mh_arg1); if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN || stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) { /* We're in a PHP_INI_SYSTEM context, no restrictions */ @@ -333,55 +337,6 @@ PHPAPI int php_check_open_basedir_ex(const char *path, } /* }}} */ -/* {{{ php_check_safe_mode_include_dir - */ -PHPAPI int php_check_safe_mode_include_dir(const char *path TSRMLS_DC) -{ - if (PG(safe_mode)) { - if (PG(safe_mode_include_dir) && *PG(safe_mode_include_dir)) { - char *pathbuf; - char *ptr; - char *end; - char resolved_name[MAXPATHLEN]; - - /* Resolve the real path into resolved_name */ - if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL) { - return -1; - } - pathbuf = estrdup(PG(safe_mode_include_dir)); - ptr = pathbuf; - - while (ptr && *ptr) { - end = strchr(ptr, DEFAULT_DIR_SEPARATOR); - if (end != NULL) { - *end = '\0'; - end++; - } - - /* Check the path */ -#ifdef PHP_WIN32 - if (strncasecmp(ptr, resolved_name, strlen(ptr)) == 0) -#else - if (strncmp(ptr, resolved_name, strlen(ptr)) == 0) -#endif - { - /* File is in the right directory */ - efree(pathbuf); - return 0; - } - - ptr = end; - } - efree(pathbuf); - } - return -1; - } - - /* Nothing to check... */ - return 0; -} -/* }}} */ - /* {{{ php_fopen_and_set_opened_path */ static FILE *php_fopen_and_set_opened_path(const char *path, const char *mode, char **opened_path TSRMLS_DC) @@ -393,7 +348,7 @@ static FILE *php_fopen_and_set_opened_path(const char } fp = VCWD_FOPEN(path, mode); if (fp && opened_path) { - *opened_path = expand_filepath(path, NULL TSRMLS_CC); + *opened_path = expand_filepath_with_mode(path, NULL, NULL, 0, CWD_EXPAND TSRMLS_CC); } return fp; } @@ -403,14 +358,11 @@ static FILE *php_fopen_and_set_opened_path(const char */ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC) { - FILE *fp; -#ifndef PHP_WIN32 - struct stat st; -#endif char *path_info; char *filename = NULL; char *resolved_path = NULL; int length; + zend_bool orig_display_errors; path_info = SG(request_info).request_uri; #if HAVE_PWD_H @@ -491,17 +443,12 @@ PHPAPI int php_fopen_primary_script(zend_file_handle * SG(request_info).path_translated = NULL; return FAILURE; } - fp = VCWD_FOPEN(resolved_path, "rb"); + efree(resolved_path); -#ifndef PHP_WIN32 - /* refuse to open anything that is not a regular file */ - if (fp && (0 > fstat(fileno(fp), &st) || !S_ISREG(st.st_mode))) { - fclose(fp); - fp = NULL; - } -#endif - - if (!fp) { + orig_display_errors = PG(display_errors); + PG(display_errors) = 0; + if (zend_stream_open(filename, file_handle TSRMLS_CC) == FAILURE) { + PG(display_errors) = orig_display_errors; if (SG(request_info).path_translated != filename) { STR_FREE(filename); } @@ -509,19 +456,13 @@ PHPAPI int php_fopen_primary_script(zend_file_handle * SG(request_info).path_translated = NULL; return FAILURE; } + PG(display_errors) = orig_display_errors; - file_handle->opened_path = resolved_path; - if (SG(request_info).path_translated != filename) { STR_FREE(SG(request_info).path_translated); /* for same reason as above */ SG(request_info).path_translated = filename; } - file_handle->filename = SG(request_info).path_translated; - file_handle->free_filename = 0; - file_handle->handle.fp = fp; - file_handle->type = ZEND_HANDLE_FP; - return SUCCESS; } /* }}} */ @@ -537,14 +478,10 @@ PHPAPI char *php_resolve_path(const char *filename, in char *actual_path; php_stream_wrapper *wrapper; - if (!filename) { + if (!filename || CHECK_NULL_PATH(filename, filename_length)) { return NULL; } - if (strlen(filename) != filename_length) { - return NULL; - } - /* Don't resolve paths which contain protocol (except of file://) */ for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++); if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) { @@ -628,7 +565,7 @@ PHPAPI char *php_resolve_path(const char *filename, in /* check in calling scripts' current working directory as a fall back case */ if (zend_is_executing(TSRMLS_C)) { - char *exec_fname = zend_get_executed_filename(TSRMLS_C); + const char *exec_fname = zend_get_executed_filename(TSRMLS_C); int exec_fname_length = strlen(exec_fname); while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length])); @@ -674,9 +611,8 @@ PHPAPI char *php_resolve_path(const char *filename, in PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const char *path, char **opened_path TSRMLS_DC) { char *pathbuf, *ptr, *end; - char *exec_fname; + const char *exec_fname; char trypath[MAXPATHLEN]; - struct stat sb; FILE *fp; int path_length; int filename_length; @@ -693,37 +629,14 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, filename_length = strlen(filename); /* Relative path open */ - if (*filename == '.') { - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - } - - /* - * files in safe_mode_include_dir (or subdir) are excluded from - * safe mode GID/UID checks - */ - + if ((*filename == '.') /* Absolute path open */ - if (IS_ABSOLUTE_PATH(filename, filename_length)) { - if (php_check_safe_mode_include_dir(filename TSRMLS_CC) == 0) { - /* filename is in safe_mode_include_dir (or subdir) */ - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - } - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } + || IS_ABSOLUTE_PATH(filename, filename_length) + || (!path || (path && !*path)) + ) { return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } - if (!path || (path && !*path)) { - if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) { - return NULL; - } - return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); - } - /* check in provided path */ /* append the calling scripts' current working directory * as a fall back case @@ -759,21 +672,6 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) >= MAXPATHLEN) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN); } - if (PG(safe_mode)) { - if (VCWD_STAT(trypath, &sb) == 0) { - /* file exists ... check permission */ - if (php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0 || - php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM) - ) { - /* UID ok, or trypath is in safe_mode_include_dir */ - fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); - } else { - fp = NULL; - } - efree(pathbuf); - return fp; - } - } fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); if (fp) { efree(pathbuf); @@ -839,6 +737,14 @@ PHPAPI char *expand_filepath(const char *filepath, cha */ PHPAPI char *expand_filepath_ex(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len TSRMLS_DC) { + return expand_filepath_with_mode(filepath, real_path, relative_to, relative_to_len, CWD_FILEPATH TSRMLS_CC); +} +/* }}} */ + +/* {{{ expand_filepath_use_realpath + */ +PHPAPI char *expand_filepath_with_mode(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len, int realpath_mode TSRMLS_DC) +{ cwd_state new_state; char cwd[MAXPATHLEN]; int copy_len; @@ -883,7 +789,7 @@ PHPAPI char *expand_filepath_ex(const char *filepath, new_state.cwd = strdup(cwd); new_state.cwd_length = strlen(cwd); - if (virtual_file_ex(&new_state, filepath, NULL, CWD_FILEPATH)) { + if (virtual_file_ex(&new_state, filepath, NULL, realpath_mode TSRMLS_CC)) { free(new_state.cwd); return NULL; }