php-src

mirror of https://github.com/php/php-src.git synced 2024-11-27 20:03:40 +08:00

History

Christoph M. Becker 2f6b9e6c63 Fix #81742 : open_basedir bypass in SQLite3 by using file URI A previous fix[1] was not sufficient to catch all potential file URIs, because the patch did not cater to URL encoding. Properly parsing and decoding the URI may yield a different result than the handling of SQLite3, so we play it safe, and reject any file URIs if open_basedir is configured. [1] <https://bugs.php.net/bug.php?id=77967> Closes GH-10018.		2022-12-06 15:59:52 +01:00
..
tests	Fix #81742 : open_basedir bypass in SQLite3 by using file URI	2022-12-06 15:59:52 +01:00
config0.m4	Require sqlite >= 3.7.7 for URI in DSN (#7347 )	2021-08-11 10:31:28 +02:00
config.w32	sqlite3 linkage issue on some systems/package combination fix.	2020-08-21 15:45:51 +02:00
CREDITS
php_sqlite3_structs.h	Update http->https in license (#6945 )	2021-05-06 12:16:35 +02:00
php_sqlite3.h	Update http->https in license (#6945 )	2021-05-06 12:16:35 +02:00
sqlite3_arginfo.h	Use single line phpdoc in stubs where possible	2021-07-20 13:16:56 +02:00
sqlite3.c	Fix #81742 : open_basedir bypass in SQLite3 by using file URI	2022-12-06 15:59:52 +01:00
sqlite3.stub.php	Use single line phpdoc in stubs where possible	2021-07-20 13:16:56 +02:00