[prev in list] [next in list] [prev in thread] [next in thread]
List: pecl-cvs
Subject: [PECL-CVS] cvs: pecl /xattr xattr.c
From: "Marcin Gibula" <mg () php ! net>
Date: 2004-08-26 0:16:14
Message-ID: cvsmg1093479374 () cvsserver
[Download RAW message or body]
mg Wed Aug 25 20:16:14 2004 EDT
Modified files:
/pecl/xattr xattr.c
Log:
Enforce safe_mode and basedir checks and add a flag to xattr_supported function.
http://cvs.php.net/diff.php/pecl/xattr/xattr.c?r1=1.10&r2=1.11&ty=u
Index: pecl/xattr/xattr.c
diff -u pecl/xattr/xattr.c:1.10 pecl/xattr/xattr.c:1.11
--- pecl/xattr/xattr.c:1.10 Thu Aug 19 07:38:18 2004
+++ pecl/xattr/xattr.c Wed Aug 25 20:16:14 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: xattr.c,v 1.10 2004/08/19 11:38:18 mg Exp $ */
+/* $Id: xattr.c,v 1.11 2004/08/26 00:16:14 mg Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -71,7 +71,7 @@
NULL,
PHP_MINFO(xattr),
#if ZEND_MODULE_API_NO >= 20010901
- "1.0",
+ "1.1",
#endif
STANDARD_MODULE_PROPERTIES
};
@@ -100,7 +100,7 @@
{
php_info_print_table_start();
php_info_print_table_row(2, "xattr support", "enabled");
- php_info_print_table_row(2, "PECL module version", "1.0");
+ php_info_print_table_row(2, "PECL module version", "1.1");
php_info_print_table_end();
}
/* }}} */
@@ -118,6 +118,11 @@
return;
}
+ /* Enforce open_basedir and safe_mode */
+ if (php_check_open_basedir(path TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(path, \
NULL, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { + RETURN_FALSE;
+ }
+
/* Ensure that only allowed bits are set */
flags &= ATTR_ROOT | ATTR_DONTFOLLOW | ATTR_CREATE | ATTR_REPLACE;
@@ -162,6 +167,11 @@
return;
}
+ /* Enforce open_basedir and safe_mode */
+ if (php_check_open_basedir(path TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(path, \
NULL, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { + RETURN_FALSE;
+ }
+
/* Ensure that only allowed bits are set */
flags &= ATTR_ROOT | ATTR_DONTFOLLOW;
@@ -218,19 +228,29 @@
}
/* }}} */
-/* {{{ proto bool xattr_supported(string path)
+/* {{{ proto bool xattr_supported(string path [, int flags])
Checks if filesystem supports extended attributes */
PHP_FUNCTION(xattr_supported)
{
char *buffer, *path = NULL;
- int error, tmp;
+ int error, tmp, flags = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &path, &tmp) == FAILURE) \
{ + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &path, &tmp, &flags) \
== FAILURE) { return;
}
+ /* Enforce open_basedir and safe_mode */
+ if (php_check_open_basedir(path TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(path, \
NULL, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { + RETURN_NULL();
+ }
+
/* Is "test" a good name? */
- error = getxattr(path, "user.test", buffer, 0);
+ if (flags & ATTR_DONTFOLLOW) {
+ error = lgetxattr(path, "user.test", buffer, 0);
+ } else {
+ error = getxattr(path, "user.test", buffer, 0);
+ }
+
if (error >= 0)
RETURN_TRUE;
@@ -264,6 +284,11 @@
return;
}
+ /* Enforce open_basedir and safe_mode */
+ if (php_check_open_basedir(path TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(path, \
NULL, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { + RETURN_FALSE;
+ }
+
/* Ensure that only allowed bits are set */
flags &= ATTR_ROOT | ATTR_DONTFOLLOW;
@@ -306,6 +331,11 @@
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &path, &tmp, &flags) == \
FAILURE) { return;
+ }
+
+ /* Enforce open_basedir and safe_mode */
+ if (php_check_open_basedir(path TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(path, \
NULL, CHECKUID_DISALLOW_FILE_NOT_EXISTS))) { + RETURN_FALSE;
}
buffer = emalloc(buffer_size);
--
PECL CVS Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic