summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xext/com_dotnet/com_persist.c19
-rw-r--r--ext/sqlite/pdo_sqlite2.c4
-rw-r--r--ext/sqlite/sqlite.c25
3 files changed, 24 insertions, 24 deletions
diff --git a/ext/com_dotnet/com_persist.c b/ext/com_dotnet/com_persist.c
index 8408d619d9..8738938f1f 100755
--- a/ext/com_dotnet/com_persist.c
+++ b/ext/com_dotnet/com_persist.c
@@ -390,15 +390,16 @@ CPH_METHOD(SaveToFile)
if (filename) {
fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!fullpath) {
RETURN_FALSE;
}
-
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
+ efree(fullpath);
RETURN_FALSE;
}
-
+
olefilename = php_com_string_to_olestring(filename, strlen(fullpath), helper->codepage TSRMLS_CC);
efree(fullpath);
}
@@ -452,13 +453,13 @@ CPH_METHOD(LoadFromFile)
return;
}
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
RETURN_FALSE;
}
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
+ efree(fullpath);
RETURN_FALSE;
}
diff --git a/ext/sqlite/pdo_sqlite2.c b/ext/sqlite/pdo_sqlite2.c
index 7788b3f8b3..0df676fec4 100644
--- a/ext/sqlite/pdo_sqlite2.c
+++ b/ext/sqlite/pdo_sqlite2.c
@@ -518,6 +518,10 @@ static char *make_filename_safe(const char *filename TSRMLS_DC)
if (strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
+ if (!fullpath) {
+ return NULL;
+ }
+
if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
efree(fullpath);
return NULL;
diff --git a/ext/sqlite/sqlite.c b/ext/sqlite/sqlite.c
index c499fa530c..b7a9483342 100644
--- a/ext/sqlite/sqlite.c
+++ b/ext/sqlite/sqlite.c
@@ -1237,13 +1237,13 @@ PHP_FUNCTION(sqlite_popen)
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
/* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
RETURN_FALSE;
}
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
+ efree(fullpath);
RETURN_FALSE;
}
} else {
@@ -1313,11 +1313,8 @@ PHP_FUNCTION(sqlite_open)
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
/* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
php_std_error_handling();
- efree(fullpath);
if (object) {
RETURN_NULL();
} else {
@@ -1325,7 +1322,8 @@ PHP_FUNCTION(sqlite_open)
}
}
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
php_std_error_handling();
efree(fullpath);
if (object) {
@@ -1334,7 +1332,6 @@ PHP_FUNCTION(sqlite_open)
RETURN_FALSE;
}
}
-
}
php_sqlite_open(fullpath ? fullpath : filename, (int)mode, NULL, return_value, errmsg, object TSRMLS_CC);
@@ -1368,15 +1365,13 @@ PHP_FUNCTION(sqlite_factory)
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
/* resolve the fully-qualified path name to use as the hash key */
- fullpath = expand_filepath(filename, NULL TSRMLS_CC);
-
- if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
- efree(fullpath);
+ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
php_std_error_handling();
RETURN_NULL();
}
- if (php_check_open_basedir(fullpath TSRMLS_CC)) {
+ if ((PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) ||
+ php_check_open_basedir(fullpath TSRMLS_CC)) {
efree(fullpath);
php_std_error_handling();
RETURN_NULL();
View Lorry Controller Status