A better fix for bug #20110.

3 files changed, 22 insertions, 19 deletions

diff --git a/main/main.c b/main/main.c
index d03e605518..33e255e5f2 100644
--- a/main/main.c
+++ b/main/main.c
@@ -702,7 +702,7 @@ static FILE *php_fopen_wrapper_for_zend(const char *filename, char **opened_path
 {
 	TSRMLS_FETCH();
 
-	return php_stream_open_wrapper_as_file((char *)filename, "rb", ENFORCE_SAFE_MODE|USE_PATH|IGNORE_URL_WIN|REPORT_ERRORS, opened_path);
+	return php_stream_open_wrapper_as_file((char *)filename, "rb", ENFORCE_SAFE_MODE|USE_PATH|IGNORE_URL_WIN|REPORT_ERRORS|STREAM_OPEN_FOR_INCLUDE, opened_path);
 }
 /* }}} */
 
diff --git a/main/php_streams.h b/main/php_streams.h
index e3b07f785a..7e93aad7ba 100755
--- a/main/php_streams.h
+++ b/main/php_streams.h
@@ -58,9 +58,9 @@ PHPAPI int php_file_le_pstream(void);
 
 #define php_stream_copy_to_mem_rel(src, buf, maxlen, persistent) _php_stream_copy_to_mem((src), (buf), (maxlen), (persistent) STREAMS_REL_CC TSRMLS_CC)
 	
-#define php_stream_fopen_rel(filename, mode, opened) _php_stream_fopen((filename), (mode), (opened) STREAMS_REL_CC TSRMLS_CC)
+#define php_stream_fopen_rel(filename, mode, opened, options) _php_stream_fopen((filename), (mode), (opened), (options) STREAMS_REL_CC TSRMLS_CC)
 
-#define php_stream_fopen_with_path_rel(filename, mode, path, opened) _php_stream_fopen_with_path((filename), (mode), (path), (opened) STREAMS_REL_CC TSRMLS_CC)
+#define php_stream_fopen_with_path_rel(filename, mode, path, opened, options) _php_stream_fopen_with_path((filename), (mode), (path), (opened), (options) STREAMS_REL_CC TSRMLS_CC)
 
 #define php_stream_fopen_from_file_rel(file, mode)	 _php_stream_fopen_from_file((file), (mode) STREAMS_REL_CC TSRMLS_CC)
 	
@@ -426,10 +426,10 @@ PHPAPI size_t _php_stream_passthru(php_stream * src STREAMS_DC TSRMLS_DC);
 /* operations for a stdio FILE; use the php_stream_fopen_XXX funcs below */
 PHPAPI extern php_stream_ops php_stream_stdio_ops;
 /* like fopen, but returns a stream */
-PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, char **opened_path STREAMS_DC TSRMLS_DC);
-#define php_stream_fopen(filename, mode, opened)	_php_stream_fopen((filename), (mode), (opened) STREAMS_CC TSRMLS_CC)
+PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, char **opened_path, int options STREAMS_DC TSRMLS_DC);
+#define php_stream_fopen(filename, mode, opened)	_php_stream_fopen((filename), (mode), (opened), 0 STREAMS_CC TSRMLS_CC)
 
-PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char *path, char **opened_path STREAMS_DC TSRMLS_DC);
+PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char *path, char **opened_path, int options STREAMS_DC TSRMLS_DC);
 #define php_stream_fopen_with_path(filename, mode, path, opened)	_php_stream_fopen_with_path((filename), (mode), (path), (opened) STREAMS_CC TSRMLS_CC)
 
 PHPAPI php_stream *_php_stream_fopen_from_file(FILE *file, const char *mode STREAMS_DC TSRMLS_DC);
@@ -492,6 +492,9 @@ PHPAPI int _php_stream_cast(php_stream *stream, int castas, void **ret, int show
 /* this flag applies to php_stream_locate_url_wrapper */
 #define STREAM_LOCATE_WRAPPERS_ONLY	64
 
+/* this flag is only used by include/require functions */
+#define STREAM_OPEN_FOR_INCLUDE		128
+
 #ifdef PHP_WIN32
 # define IGNORE_URL_WIN STREAM_MUST_SEEK
 #else
diff --git a/main/streams.c b/main/streams.c
index a49c7633f4..ee1328b0f1 100755
--- a/main/streams.c
+++ b/main/streams.c
@@ -1493,7 +1493,7 @@ PHPAPI php_stream_ops	php_stream_stdio_ops = {
 /* }}} */
 
 /* {{{ php_stream_fopen_with_path */
-PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char *path, char **opened_path STREAMS_DC TSRMLS_DC)
+PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char *path, char **opened_path, int options STREAMS_DC TSRMLS_DC)
 {
 	/* code ripped off from fopen_wrappers.c */
 	char *pathbuf, *ptr, *end;
@@ -1534,7 +1534,7 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 		if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {
 			return NULL;
 		}
-		return php_stream_fopen_rel(filename, mode, opened_path);
+		return php_stream_fopen_rel(filename, mode, opened_path, options);
 	}
 
 	/*
@@ -1553,12 +1553,12 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 
 		if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0)
 			/* filename is in safe_mode_include_dir (or subdir) */
-			return php_stream_fopen_rel(filename, mode, opened_path);
+			return php_stream_fopen_rel(filename, mode, opened_path, options);
 
 		if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM)))
 			return NULL;
 
-		return php_stream_fopen_rel(filename, mode, opened_path);
+		return php_stream_fopen_rel(filename, mode, opened_path, options);
 	}
 
 	if (!path || (path && !*path)) {
@@ -1570,7 +1570,7 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 		if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) {
 			return NULL;
 		}
-		return php_stream_fopen_rel(filename, mode, opened_path);
+		return php_stream_fopen_rel(filename, mode, opened_path, options);
 	}
 
 	/* check in provided path */
@@ -1616,7 +1616,7 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 				} else if ((php_check_safe_mode_include_dir(trypath TSRMLS_CC) == 0) ||
 						php_checkuid(trypath, mode, CHECKUID_CHECK_MODE_PARAM)) {
 					/* UID ok, or trypath is in safe_mode_include_dir */
-					stream = php_stream_fopen_rel(trypath, mode, opened_path);
+					stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
 				} else {
 					stream = NULL;
 				}
@@ -1625,7 +1625,7 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 				return stream;
 			}
 		}
-		stream = php_stream_fopen_rel(trypath, mode, opened_path);
+		stream = php_stream_fopen_rel(trypath, mode, opened_path, options);
 		if (stream) {
 			efree(pathbuf);
 			return stream;
@@ -1640,7 +1640,7 @@ PHPAPI php_stream *_php_stream_fopen_with_path(char *filename, char *mode, char
 /* }}} */
 
 /* {{{ php_stream_fopen */
-PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, char **opened_path STREAMS_DC TSRMLS_DC)
+PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, char **opened_path, int options STREAMS_DC TSRMLS_DC)
 {
 	FILE *fp;
 	char *realpath = NULL;
@@ -1652,10 +1652,10 @@ PHPAPI php_stream *_php_stream_fopen(const char *filename, const char *mode, cha
 	fp = fopen(realpath, mode);
 
 	if (fp)	{
-		/* this is done to prevent opening of anything other then regular files */
-		if (fstat(fileno(fp), &st) == -1 || !S_ISREG(st.st_mode)) {
+		/* sanity checks for include/require */
+		if (options & STREAM_OPEN_FOR_INCLUDE && (fstat(fileno(fp), &st) == -1 || !S_ISREG(st.st_mode))) {
 			goto err;
-		}
+		} 
 	
 		ret = php_stream_fopen_from_file_rel(fp, mode);
 
@@ -1981,7 +1981,7 @@ static php_stream *php_plain_files_stream_opener(php_stream_wrapper *wrapper, ch
 		int options, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC)
 {
 	if ((options & USE_PATH) && PG(include_path) != NULL) {
-		return php_stream_fopen_with_path_rel(path, mode, PG(include_path), opened_path);
+		return php_stream_fopen_with_path_rel(path, mode, PG(include_path), opened_path, options);
 	}
 
 	if (php_check_open_basedir(path TSRMLS_CC)) {
@@ -1991,7 +1991,7 @@ static php_stream *php_plain_files_stream_opener(php_stream_wrapper *wrapper, ch
 	if ((options & ENFORCE_SAFE_MODE) && PG(safe_mode) && (!php_checkuid(path, mode, CHECKUID_CHECK_MODE_PARAM)))
 		return NULL;
 
-	return php_stream_fopen_rel(path, mode, opened_path);
+	return php_stream_fopen_rel(path, mode, opened_path, options);
 }
 
 static int php_plain_files_url_stater(php_stream_wrapper *wrapper, char *url, php_stream_statbuf *ssb TSRMLS_DC)