From ab9198e3967b6dce5eaf5bf9f465293effc38db5 Mon Sep 17 00:00:00 2001 From: Marcus Boerger Date: Tue, 12 Aug 2003 21:15:16 +0000 Subject: Bugfix #25056 --- ext/sqlite/sqlite.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'ext/sqlite/sqlite.c') diff --git a/ext/sqlite/sqlite.c b/ext/sqlite/sqlite.c index 2c4b69b175..07a33a9d5b 100644 --- a/ext/sqlite/sqlite.c +++ b/ext/sqlite/sqlite.c @@ -1107,7 +1107,7 @@ PHP_FUNCTION(sqlite_popen) PHP_FUNCTION(sqlite_open) { int mode = 0666; - char *filename; + char *filename, *fullpath = NULL; long filename_len; zval *errmsg = NULL; zval *object = getThis(); @@ -1123,17 +1123,22 @@ PHP_FUNCTION(sqlite_open) } if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { - if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + /* resolve the fully-qualified path name to use as the hash key */ + fullpath = expand_filepath(filename, NULL TSRMLS_CC); + + if (PG(safe_mode) && (!php_checkuid(fullpath, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { php_set_error_handling(EH_NORMAL, NULL TSRMLS_CC); + efree(fullpath); if (object) { RETURN_NULL(); } else { RETURN_FALSE; } } - - if (php_check_open_basedir(filename TSRMLS_CC)) { + + if (php_check_open_basedir(fullpath TSRMLS_CC)) { php_set_error_handling(EH_NORMAL, NULL TSRMLS_CC); + efree(fullpath); if (object) { RETURN_NULL(); } else { @@ -1142,8 +1147,11 @@ PHP_FUNCTION(sqlite_open) } } - php_sqlite_open(filename, mode, NULL, return_value, errmsg, object TSRMLS_CC); + php_sqlite_open(fullpath?fullpath:filename, mode, NULL, return_value, errmsg, object TSRMLS_CC); + if (fullpath) { + efree(fullpath); + } php_set_error_handling(EH_NORMAL, NULL TSRMLS_CC); } /* }}} */ -- cgit v1.2.1