Skip to content

Commit f9ee6d3

Browse files
rlerdorfrlerdorf
committed
Argh! Horrible logic here. The safemode include dir check defaulted
to letting stuff through if no safemode include dir was defined. @ Another safe-mode fix related to the safemode incdir feature (Rasmus)
1 parent 2d73699 commit f9ee6d3

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

main/fopen_wrappers.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -234,6 +234,8 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
234234
char *end;
235235
char resolved_name[MAXPATHLEN];
236236

237+
php_printf("safe_mode_include_dir check for %s<br>\n",path);
238+
237239
/* Resolve the real path into resolved_name */
238240
if (expand_filepath(path, resolved_name TSRMLS_CC) == NULL)
239241
return -1;
@@ -268,7 +270,7 @@ PHPAPI int php_check_safe_mode_include_dir(char *path TSRMLS_DC)
268270
}
269271

270272
/* Nothing to check... */
271-
return 0;
273+
return -1;
272274
}
273275
/* }}} */
274276

@@ -441,7 +443,7 @@ PHPAPI FILE *php_fopen_with_path(char *filename, char *mode, char *path, char **
441443
}
442444

443445
filename_length = strlen(filename);
444-
446+
445447
/* Relative path open */
446448
if (*filename == '.') {
447449
if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {

0 commit comments

Comments
 (0)