From: Michael Wallner Date: Thu, 15 Dec 2005 17:08:22 +0000 (+0000) Subject: - start open_basedir checks X-Git-Tag: RELEASE_0_21_0~71 X-Git-Url: https://git.m6w6.name/?a=commitdiff_plain;h=14819be2113881e1030d23c6a1a32e17083ab406;p=m6w6%2Fext-http - start open_basedir checks --- diff --git a/http_api.c b/http_api.c index 04e0121..2798637 100644 --- a/http_api.c +++ b/http_api.c @@ -211,6 +211,8 @@ void _http_log_ex(char *file, const char *ident, const char *message TSRMLS_DC) struct tm nowtm; char datetime[128]; + HTTP_CHECK_OPEN_BASEDIR(file, return); + time(&now); strftime(datetime, sizeof(datetime), "%Y-%m-%d %H:%M:%S", php_localtime_r(&now, &nowtm)); diff --git a/http_request_body_api.c b/http_request_body_api.c index eb82c42..8386bf8 100644 --- a/http_request_body_api.c +++ b/http_request_body_api.c @@ -93,7 +93,11 @@ PHP_HTTP_API http_request_body *_http_request_body_fill(http_request_body *body, SUCCESS != zend_hash_find(Z_ARRVAL_PP(data), "file", sizeof("file"), (void **) &file)) { http_error(HE_NOTICE, HTTP_E_INVALID_PARAM, "Post file array entry misses either 'name', 'type' or 'file' entry"); } else { - CURLcode err = curl_formadd(&http_post_data[0], &http_post_data[1], + CURLcode err; + + HTTP_CHECK_OPEN_BASEDIR(Z_STRVAL_PP(file), curl_formfree(http_post_data[0]); return NULL); + + err = curl_formadd(&http_post_data[0], &http_post_data[1], CURLFORM_COPYNAME, Z_STRVAL_PP(name), CURLFORM_FILE, Z_STRVAL_PP(file), CURLFORM_CONTENTTYPE, Z_STRVAL_PP(type), @@ -121,7 +125,7 @@ PHP_HTTP_API http_request_body *_http_request_body_fill(http_request_body *body, return http_request_body_init_rel(body, HTTP_REQUEST_BODY_CSTRING, encoded, encoded_len, 1); } } -/* }}} */ + /* {{{ void http_request_body_dtor(http_request_body *) */ PHP_HTTP_API void _http_request_body_dtor(http_request_body *body TSRMLS_DC) diff --git a/http_send_api.c b/http_send_api.c index 9c30e6c..cfb088a 100644 --- a/http_send_api.c +++ b/http_send_api.c @@ -456,9 +456,13 @@ PHP_HTTP_API char *_http_guess_content_type(const char *magicfile, long magicmod char *ct = NULL; #ifdef HTTP_HAVE_MAGIC + struct magic_set *magic; + + HTTP_CHECK_OPEN_BASEDIR(magicfile, return NULL); + /* magic_load() fails if MAGIC_MIME is set because it cowardly adds .mime to the file name */ - struct magic_set *magic = magic_open(magicmode &~ MAGIC_MIME); + magic = magic_open(magicmode &~ MAGIC_MIME); if (!magic) { http_error_ex(HE_WARNING, HTTP_E_INVALID_PARAM, "Invalid magic mode: %ld", magicmode); @@ -487,6 +491,7 @@ PHP_HTTP_API char *_http_guess_content_type(const char *magicfile, long magicmod break; default: + HTTP_CHECK_OPEN_BASEDIR(data_ptr, magic_close(magic); return NULL); ctype = magic_file(magic, data_ptr); break; } diff --git a/php_http.h b/php_http.h index 198196d..b4c4ab3 100644 --- a/php_http.h +++ b/php_http.h @@ -15,7 +15,7 @@ #ifndef PHP_EXT_HTTP_H #define PHP_EXT_HTTP_H -#define PHP_EXT_HTTP_VERSION "0.20.0" +#define PHP_EXT_HTTP_VERSION "0.21.0dev" #include "php.h" #include "php_http_std_defs.h" diff --git a/php_http_api.h b/php_http_api.h index c6d08d2..694ddc0 100644 --- a/php_http_api.h +++ b/php_http_api.h @@ -82,6 +82,22 @@ extern void _http_error_ex(long type TSRMLS_DC, long code, const char *format, . action; \ } +#define HTTP_CHECK_OPEN_BASEDIR(file, act) \ + if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) \ + { \ + const char *tmp = file; \ + \ + if (!strncasecmp(tmp, "file:", lenof("file:"))) { \ + tmp += lenof("file:"); \ + while (*tmp == '/' || *tmp == '\\') ++tmp; \ + } \ + \ + if (!*tmp || php_check_open_basedir(tmp TSRMLS_CC) || \ + (PG(safe_mode) && !php_checkuid(tmp, "rb+", CHECKUID_CHECK_MODE_PARAM))) { \ + http_error_ex(HE_WARNING, HTTP_E_INVALID_PARAM, "Permission denied: %s", file); \ + act; \ + } \ + } #define http_log(f, i, m) _http_log_ex((f), (i), (m) TSRMLS_CC) extern void http_log_ex(char *file, const char *ident, const char *message TSRMLS_DC);