mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-12-29 03:39:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak.

Browse Source
This commit is contained in:
Ilia Alshanetsky 2010-01-31 18:06:29 +00:00
parent 981faa6754
commit 7bf62c33af
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ext/session/session.c
View File

@ -563,8 +563,13 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */
return FAILURE;
}
if ((p = zend_memrchr(new_value, ';', new_value_length))) {
/* we do not use zend_memrchr() since path can contain ; itself */
if ((p = strchr(new_value, ';'))) {
char *p2;
p++;
if ((p2 = strchr(p, ';'))) {
p = p2 + 1;
}
} else {
p = new_value;
}