diff options
| author | Ilia Alshanetsky <iliaa@php.net> | 2007-01-04 23:49:35 +0000 |
|---|---|---|
| committer | Ilia Alshanetsky <iliaa@php.net> | 2007-01-04 23:49:35 +0000 |
| commit | 7ba84b8807eddac346df75fcaea0f6ad3295712c (patch) | |
| tree | f6c2b2578190161fa16bffc986a8931a61c6493d | |
| parent | 17ff2f42ff8f9d27a66c9eafe2471abe96d84e44 (diff) | |
| download | php-git-7ba84b8807eddac346df75fcaea0f6ad3295712c.tar.gz | |
Added missing open_basedir checks
| -rw-r--r-- | ext/session/mod_files.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index f25d15dd2f..df677bb388 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -251,6 +251,13 @@ PS_OPEN_FUNC(files) if (*save_path == '\0') { /* if save path is an empty string, determine the temporary dir */ save_path = php_get_temporary_directory(); + + if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_ALLOW_ONLY_DIR))) { + return FAILURE; + } + if (php_check_open_basedir(save_path TSRMLS_CC)) { + return FAILURE; + } } /* split up input parameter */ |