mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-01-09 12:34:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added a mechanism allowing the disabling of the ability to change

Browse Source 
certain INI options when safe_mode is enabled.

ATM three options are limited:
max_execution_time
memory_limit
child_terminate

This patch also fixes bug #17287.
This commit is contained in:
Ilia Alshanetsky 2002-10-25 01:06:46 +00:00
parent 85c4ecf6b5
commit b109f8e3bd
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ext/standard/basic_functions.c
View File

@ -2344,6 +2344,18 @@ PHP_FUNCTION(ini_set)
}
}
#define _CHECK_SAFEMODE_INI(ini, var) strncmp(ini, Z_STRVAL_PP(var), sizeof(ini))
/* checks that ensure the user does not overwrite certain ini settings when safe_mode is enabled */
if (PG(safe_mode)) {
if (!_CHECK_SAFEMODE_INI("max_execution_time", varname) ||
!_CHECK_SAFEMODE_INI("memory_limit", varname) ||
!_CHECK_SAFEMODE_INI("child_terminate", varname)) {
zval_dtor(return_value);
RETURN_FALSE;
}
}
if (zend_alter_ini_entry(Z_STRVAL_PP(varname), Z_STRLEN_PP(varname)+1, Z_STRVAL_PP(new_value), Z_STRLEN_PP(new_value),
PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) {
zval_dtor(return_value);