1 files changed, 39 insertions, 0 deletions

diff --git a/dev-lang/php/files/4.3.11/php4.3.11-gd_safe_mode.patch b/dev-lang/php/files/4.3.11/php4.3.11-gd_safe_mode.patch
new file mode 100644
index 0000000..1901112
--- /dev/null
+++ b/dev-lang/php/files/4.3.11/php4.3.11-gd_safe_mode.patch
@@ -0,0 +1,39 @@
+--- ext/gd/gd.c	2005/01/17 17:07:57	1.221.2.54
++++ ext/gd/gd.c	2005/10/06 20:44:52	1.221.2.56.2.1
+@@ -18,7 +18,7 @@
+    +----------------------------------------------------------------------+
+  */
+
+-/* $Id: gd.c,v 1.221.2.54 2005/01/17 17:07:57 sniper Exp $ */
++/* $Id: gd.c,v 1.221.2.56.2.1 2005/10/06 20:44:52 iliaa Exp $ */
+
+ /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center,
+    Cold Spring Harbor Labs. */
+@@ -1644,7 +1644,7 @@ static void _php_image_output(INTERNAL_F
+ 	}
+
+ 	if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
+-		if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) {
++		if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) {
+ 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn);
+ 			RETURN_FALSE;
+ 		}
+@@ -1699,7 +1699,7 @@ static void _php_image_output(INTERNAL_F
+ 		char  buf[4096];
+ 		char *path;
+
+-		tmp = php_open_temporary_file("", "", &path TSRMLS_CC);
++		tmp = php_open_temporary_file(NULL, NULL, &path TSRMLS_CC);
+ 		if (tmp == NULL) {
+ 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to open temporary file");
+ 			RETURN_FALSE;
+@@ -3017,7 +3017,8 @@ static void php_imagettftext_common(INTE
+ {
+ 	zval *IM, *EXT = NULL;
+ 	gdImagePtr im=NULL;
+-	int col = -1, x = -1, y = -1, str_len, fontname_len, i, brect[8];
++	long col = -1, x = -1, y = -1;
++	int str_len, fontname_len, i, brect[8];
+ 	double ptsize, angle;
+ 	unsigned char *str = NULL, *fontname = NULL;
+ 	char *error = NULL;