diff options
Diffstat (limited to 'dev-lang/php/files/5.0.4/php5.0.4-gd_safe_mode.patch')
-rw-r--r-- | dev-lang/php/files/5.0.4/php5.0.4-gd_safe_mode.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/dev-lang/php/files/5.0.4/php5.0.4-gd_safe_mode.patch b/dev-lang/php/files/5.0.4/php5.0.4-gd_safe_mode.patch new file mode 100644 index 0000000..91b0aae --- /dev/null +++ b/dev-lang/php/files/5.0.4/php5.0.4-gd_safe_mode.patch @@ -0,0 +1,29 @@ +--- ext/gd/gd.c 2005/01/17 17:07:47 1.294.2.11 ++++ ext/gd/gd.c 2005/10/06 20:42:56 1.294.2.13 +@@ -18,7 +18,7 @@ + +----------------------------------------------------------------------+ + */ + +-/* $Id: gd.c,v 1.294.2.11 2005/01/17 17:07:47 sniper Exp $ */ ++/* $Id: gd.c,v 1.294.2.13 2005/10/06 20:42:56 iliaa Exp $ */ + + /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, + Cold Spring Harbor Labs. */ +@@ -1726,7 +1726,7 @@ static void _php_image_output(INTERNAL_F + } + + if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) { +- if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) { ++ if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn); + RETURN_FALSE; + } +@@ -1781,7 +1781,7 @@ static void _php_image_output(INTERNAL_F + char buf[4096]; + char *path; + +- tmp = php_open_temporary_file("", "", &path TSRMLS_CC); ++ tmp = php_open_temporary_file(NULL, NULL, &path TSRMLS_CC); + if (tmp == NULL) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to open temporary file"); + RETURN_FALSE; |