Mirrors
/
php
mirror of https://github.com/php/php-src
3
0
Fork 0
Code Releases Activity
Browse Source

- #45997, safe_mode bypass with exec/sytem/passthru (windows only)

PHP-5.2.1RC1
Pierre Joye 17 years ago
parent
8d7ecdfdbb
commit
4d2e295344
1 changed files with 6 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      ext/standard/exec.c

6
ext/standard/exec.c
View File

@ -80,6 +80,12 @@ int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC)
goto err;
}
b = strrchr(cmd, PHP_DIR_SEPARATOR);
#ifdef PHP_WIN32
if (b && *b == '\\' && b == cmd) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid absolute path.");
goto err;
}
#endif
spprintf(&d, 0, "%s%s%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : cmd), (c ? " " : ""), (c ? c : ""));
if (c) {
*(c - 1) = ' ';

Write Preview
Loading…
Cancel
Save