Diffstat (limited to 'dev-lang/php/files/5.0.5/php5.0.5-gd-safe_mode.patch')
-rw-r--r-- | dev-lang/php/files/5.0.5/php5.0.5-gd-safe_mode.patch | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/dev-lang/php/files/5.0.5/php5.0.5-gd-safe_mode.patch b/dev-lang/php/files/5.0.5/php5.0.5-gd-safe_mode.patch
new file mode 100644
index 000000000000..8b094320b510
--- /dev/null
+++ b/dev-lang/php/files/5.0.5/php5.0.5-gd-safe_mode.patch
@@ -0,0 +1,95 @@
+--- ext/gd/gd.c 2005-12-08 15:44:36.000000000 +0100
++++ ext/gd/gd.c 2005-12-08 17:21:55.000000000 +0100
+@@ -705,7 +705,7 @@
+
+ convert_to_string_ex(file);
+
+- stream = php_stream_open_wrapper(Z_STRVAL_PP(file), "rb", IGNORE_PATH | IGNORE_URL_WIN | REPORT_ERRORS, NULL);
++ stream = php_stream_open_wrapper(Z_STRVAL_PP(file), "rb", ENFORCE_SAFE_MODE | IGNORE_PATH | IGNORE_URL_WIN | REPORT_ERRORS, NULL);
+ if (stream == NULL) {
+ RETURN_FALSE;
+ }
+@@ -889,6 +889,10 @@
+ convert_to_boolean_ex(dither);
+ convert_to_long_ex(ncolors);
+
++ if (Z_LVAL_PP(ncolors) <= 0) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Number of colors has to be greater than zero");
++ RETURN_FALSE;
++ }
+ gdImageTrueColorToPalette(im, Z_LVAL_PP(dither), Z_LVAL_PP(ncolors));
+
+ RETURN_TRUE;
+@@ -1518,7 +1522,7 @@
+
+ fn = Z_STRVAL_PP(file);
+
+- stream = php_stream_open_wrapper(fn, "rb", REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL);
++ stream = php_stream_open_wrapper(fn, "rb", ENFORCE_SAFE_MODE|REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL);
+ if (stream == NULL) {
+ RETURN_FALSE;
+ }
+@@ -1726,10 +1730,7 @@
+ }
+
+ if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
+- if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) {
+- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn);
+- RETURN_FALSE;
+- }
++ PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename");
+
+ fp = VCWD_FOPEN(fn, "wb");
+ if (!fp) {
+@@ -3824,16 +3825,10 @@
+ }
+
+ /* Check origin file */
+- if (!fn_org || fn_org == empty_string || php_check_open_basedir(fn_org TSRMLS_CC)) {
+- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid origin filename '%s'", fn_org);
+- RETURN_FALSE;
+- }
++ PHP_GD_CHECK_OPEN_BASEDIR(fn_org, "Invalid origin filename");
+
+ /* Check destination file */
+- if (!fn_dest || fn_dest == empty_string || php_check_open_basedir(fn_dest TSRMLS_CC)) {
+- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid destination filename '%s'", fn_dest);
+- RETURN_FALSE;
+- }
++ PHP_GD_CHECK_OPEN_BASEDIR(fn_dest, "Invalid destination filename");
+
+ /* Open origin file */
+ org = VCWD_FOPEN(fn_org, "rb");
+--- ext/gd/gd_ctx.c 2005-12-08 15:44:42.000000000 +0100
++++ ext/gd/gd_ctx.c 2005-12-08 17:25:24.000000000 +0100
+@@ -82,10 +82,8 @@
+ }
+
+ if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
+- if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) {
+- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn);
+- RETURN_FALSE;
+- }
++
++ PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename");
+
+ fp = VCWD_FOPEN(fn, "wb");
+ if (!fp) {
+--- ext/gd/php_gd.h 2005-12-08 15:44:49.000000000 +0100
++++ ext/gd/php_gd.h 2005-12-08 17:29:53.000000000 +0100
+@@ -30,6 +30,15 @@
+
+ #if HAVE_LIBGD
+
++/* open_basedir and safe_mode checks */
++#define PHP_GD_CHECK_OPEN_BASEDIR(filename, errormsg) \
++ if (!filename || php_check_open_basedir(filename TSRMLS_CC) || \
++ (PG(safe_mode) && !php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR)) \
++ ) { \
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, errormsg); \
++ RETURN_FALSE; \
++ }
++
+ #define PHP_GDIMG_TYPE_GIF 1
+ #define PHP_GDIMG_TYPE_PNG 2
+ #define PHP_GDIMG_TYPE_JPG 3 |
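Review bot: The `ncolors` guard added in the embedded `@@ -889` hunk of ext/gd/gd.c rejects only values `<= 0`, so where `long` is wider than `int` a large positive value still passes and is narrowed when handed to `gdImageTrueColorToPalette()` (assuming its colour-count parameter is an `int`, which the patch does not show). I would bound it on both sides, `if (Z_LVAL_PP(ncolors) <= 0 || Z_LVAL_PP(ncolors) > INT_MAX) {`, and adjust the warning text to match. Separately, `PHP_GD_CHECK_OPEN_BASEDIR` in ext/gd/php_gd.h passes `errormsg` as the format argument of `php_error_docref()`, uses `filename` unparenthesised and expands to a bare `if`. Every call site in this patch passes a string literal followed by `;`, so nothing breaks today, but `php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", errormsg);` inside a `do { ... } while (0)` with `!(filename)` would keep the macro safe for later callers and inside unbraced `if`/`else`. The enclosing functions start and end outside the patch context, so whether `fn`, `fn_org` and `fn_dest` can still be the empty string now that the `== empty_string` test is gone cannot be confirmed from here.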