Skip to content
Permalink
Browse files

Check if soap.wsdl_cache_dir confirms to open_basedir

  • Loading branch information
dstogov committed Feb 7, 2013
1 parent a80fdc4 commit cc4c318b0c71e1a9c9cf803b5ee5d437344d64db
Showing with 35 additions and 1 deletion.
  1. +35 −1 ext/soap/soap.c
@@ -568,10 +568,44 @@ ZEND_INI_MH(OnUpdateCacheMode)
return SUCCESS;
}

static PHP_INI_MH(OnUpdateCacheDir)
{
/* Only do the safemode/open_basedir check at runtime */
if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) {
char *p;

if (memchr(new_value, '\0', new_value_length) != NULL) {
return FAILURE;
}

/* we do not use zend_memrchr() since path can contain ; itself */
if ((p = strchr(new_value, ';'))) {
char *p2;
p++;
if ((p2 = strchr(p, ';'))) {
p = p2 + 1;
}
} else {
p = new_value;
}

if (PG(safe_mode) && *p && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
return FAILURE;
}

if (PG(open_basedir) && *p && php_check_open_basedir(p TSRMLS_CC)) {
return FAILURE;
}
}

OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
return SUCCESS;
}

PHP_INI_BEGIN()
STD_PHP_INI_ENTRY("soap.wsdl_cache_enabled", "1", PHP_INI_ALL, OnUpdateBool,
cache_enabled, zend_soap_globals, soap_globals)
STD_PHP_INI_ENTRY("soap.wsdl_cache_dir", "/tmp", PHP_INI_ALL, OnUpdateString,
STD_PHP_INI_ENTRY("soap.wsdl_cache_dir", "/tmp", PHP_INI_ALL, OnUpdateCacheDir,
cache_dir, zend_soap_globals, soap_globals)
STD_PHP_INI_ENTRY("soap.wsdl_cache_ttl", "86400", PHP_INI_ALL, OnUpdateLong,
cache_ttl, zend_soap_globals, soap_globals)

0 comments on commit cc4c318

Please sign in to comment.
You can’t perform that action at this time.