diff options
| author | Pierre Joye <pajoye@php.net> | 2008-08-08 15:56:44 +0000 |
|---|---|---|
| committer | Pierre Joye <pajoye@php.net> | 2008-08-08 15:56:44 +0000 |
| commit | ed2abda5dfe55d9a0e4b0294cfac838d9e398a82 (patch) | |
| tree | 0aa65f0c7fe84306059be2be46881a44fb7992c8 | |
| parent | f4087a70aa671ed98d5f7c1859d18c25bd4f4ea4 (diff) | |
| download | php-git-ed2abda5dfe55d9a0e4b0294cfac838d9e398a82.tar.gz | |
- MFH: missing openbasedir check
| -rw-r--r-- | ext/zip/php_zip.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index adf1e5d56c..5fb0a253e3 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -1383,6 +1383,10 @@ static ZIPARCHIVE_METHOD(open) RETURN_FALSE; } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } + if (!expand_filepath(filename, resolved_path TSRMLS_CC)) { RETURN_FALSE; } |