Fix #34957; file access checks should use VCWD_ACCESS()

2024-11-24 10:24:11 +08:00 · 2005-10-22 17:02:10 +00:00 · 2005-10-22 17:02:10 +00:00 · 890f7f46b4
commit 890f7f46b4
parent 23d3ddea25
3 changed files with 33 additions and 1 deletions
--- a/1
+++ b/1
@ -1,6 +1,7 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? Oct 2005, PHP 5.1 Release Candidate 4
+- Fixed bug #34957 (PHP doesn't respect ACLs for access checks). (Wez)
 - Fixed fgetcsv() and fputcsv() inconsistency. (Dmitry)
 - Fixed bug #34934 (offsetExists is not called from array_key_exists). (Dmitry)
 - Fixed bug #34905 (Digest authentication does not work with Apache 1). (Ilia)
--- a/ext/standard/filestat.c
+++ b/ext/standard/filestat.c
@ -543,6 +543,7 @@ PHP_FUNCTION(clearstatcache)
 #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK || (__t) == FS_LSTAT)
 #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS  || (__t) == FS_IS_W || (__t) == FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) == FS_IS_DIR || (__t) == FS_IS_LINK)
 #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t) == FS_IS_X)
+#define IS_ACCESS_CHECK(__t) (IS_ABLE_CHECK(type) || (__t) == FS_EXISTS)

 /* {{{ php_stat
 */
@ -560,6 +561,35 @@ PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int typ
 		RETURN_FALSE;
 	}

+	if (IS_ACCESS_CHECK(type)) {
+		char *local;
+
+		if (php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC) == &php_plain_files_wrapper) {
+			switch (type) {
+#ifdef F_OK
+				case FS_EXISTS:
+					RETURN_BOOL(VCWD_ACCESS(local, F_OK) == 0);
+					break;
+#endif
+#ifdef W_OK
+				case FS_IS_W:
+					RETURN_BOOL(VCWD_ACCESS(local, W_OK) == 0);
+					break;
+#endif
+#ifdef R_OK
+				case FS_IS_R:
+					RETURN_BOOL(VCWD_ACCESS(local, R_OK) == 0);
+					break;
+#endif
+#ifdef X_OK
+				case FS_IS_X:
+					RETURN_BOOL(VCWD_ACCESS(local, X_OK) == 0);
+					break;
+#endif
+			}
+		}
+	}
+
 	if (IS_LINK_OPERATION(type)) {
 		flags |= PHP_STREAM_URL_STAT_LINK;
 	}
@ -617,7 +647,7 @@ PHPAPI void php_stat(const char *filename, php_stat_len filename_length, int typ
 		php_stream_wrapper *wrapper;

 		wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC);
-		if (wrapper && wrapper->wops && wrapper->wops->label && strcmp(wrapper->wops->label, "plainfile") == 0) {
+		if (wrapper == &php_plain_files_wrapper) {
 			if (type == FS_IS_X) {
 				xmask = S_IXROOT;
 			} else {
--- a/main/streams/php_stream_plain_wrapper.h
+++ b/main/streams/php_stream_plain_wrapper.h
@ -22,6 +22,7 @@

 /* operations for a plain file; use the php_stream_fopen_XXX funcs below */
 PHPAPI extern php_stream_ops php_stream_stdio_ops;
+PHPAPI extern php_stream_wrapper php_plain_files_wrapper;

 BEGIN_EXTERN_C()