summaryrefslogtreecommitdiff
path: root/TSRM
diff options
context:
space:
mode:
authorStefan Esser <sesser@php.net>2004-12-01 22:56:05 (GMT)
committerStefan Esser <sesser@php.net>2004-12-01 22:56:05 (GMT)
commit6076a4a66c78c71d3052b0e4871efcf7b1ba3b1f (patch)
tree94e9c3ffd24e2e6e5695388b04c8e8c2ae8b58af /TSRM
parent1094a0d2437bc73e0829b34f7e83ae7300d5fdd5 (diff)
downloadphp-6076a4a66c78c71d3052b0e4871efcf7b1ba3b1f.tar.gz
Fixed behaviour of TSRM in case of realpath() failure
Diffstat (limited to 'TSRM')
-rw-r--r--TSRM/tsrm_virtual_cwd.c29
1 files changed, 22 insertions, 7 deletions
diff --git a/TSRM/tsrm_virtual_cwd.c b/TSRM/tsrm_virtual_cwd.c
index 67e9127..9d40ded 100644
--- a/TSRM/tsrm_virtual_cwd.c
+++ b/TSRM/tsrm_virtual_cwd.c
@@ -378,6 +378,8 @@ CWD_API int virtual_file_ex(cwd_state *state, const char *path, verify_path_func
if (path_length == 0)
return (0);
+ if (path_length >= MAXPATHLEN)
+ return (1);
#ifdef REALPATH_CACHE
if (use_realpath && CWDG(realpath_cache_size_limit)) {
@@ -386,7 +388,7 @@ CWD_API int virtual_file_ex(cwd_state *state, const char *path, verify_path_func
orig_path_len = path_length;
} else {
orig_path_len = path_length + state->cwd_length + 1;
- if (orig_path_len+1 > MAXPATHLEN) {
+ if (orig_path_len >= MAXPATHLEN) {
return 1;
}
memcpy(orig_path, state->cwd, state->cwd_length);
@@ -417,9 +419,13 @@ CWD_API int virtual_file_ex(cwd_state *state, const char *path, verify_path_func
* This can happen under solaris when a dir does not have read permissions
* but *does* have execute permissions */
if (IS_ABSOLUTE_PATH(path, path_length) || (state->cwd_length < 1)) {
- if (use_realpath && realpath(path, resolved_path)) {
- path = resolved_path;
- path_length = strlen(path);
+ if (use_realpath) {
+ if (realpath(path, resolved_path)) {
+ path = resolved_path;
+ path_length = strlen(path);
+ } else {
+ return 1;
+ }
}
} else { /* Concat current directory with relative path and then run realpath() on it */
char *tmp;
@@ -435,9 +441,18 @@ CWD_API int virtual_file_ex(cwd_state *state, const char *path, verify_path_func
memcpy(ptr, path, path_length);
ptr += path_length;
*ptr = '\0';
- if (use_realpath && realpath(tmp, resolved_path)) {
- path = resolved_path;
- path_length = strlen(path);
+ if (strlen(tmp) >= MAXPATHLEN) {
+ free(tmp);
+ return 1;
+ }
+ if (use_realpath) {
+ if (realpath(tmp, resolved_path)) {
+ path = resolved_path;
+ path_length = strlen(path);
+ } else {
+ free(tmp);
+ return 1;
+ }
}
free(tmp);
}