PHP  
 PHP: Test and Code Coverage Analysis
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

LCOV - code coverage report
Current view: top level - main - fopen_wrappers.c (source / functions) Hit Total Coverage
Test: PHP Code Coverage Lines: 249 339 73.5 %
Date: 2015-05-21 Functions: 12 12 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :    +----------------------------------------------------------------------+
       3             :    | PHP Version 7                                                        |
       4             :    +----------------------------------------------------------------------+
       5             :    | Copyright (c) 1997-2015 The PHP Group                                |
       6             :    +----------------------------------------------------------------------+
       7             :    | This source file is subject to version 3.01 of the PHP license,      |
       8             :    | that is bundled with this package in the file LICENSE, and is        |
       9             :    | available through the world-wide-web at the following url:           |
      10             :    | http://www.php.net/license/3_01.txt                                  |
      11             :    | If you did not receive a copy of the PHP license and are unable to   |
      12             :    | obtain it through the world-wide-web, please send a note to          |
      13             :    | license@php.net so we can mail you a copy immediately.               |
      14             :    +----------------------------------------------------------------------+
      15             :    | Authors: Rasmus Lerdorf <rasmus@lerdorf.on.ca>                       |
      16             :    |          Jim Winstead <jimw@php.net>                                 |
      17             :    +----------------------------------------------------------------------+
      18             :  */
      19             : 
      20             : /* $Id$ */
      21             : 
      22             : /* {{{ includes
      23             :  */
      24             : #include "php.h"
      25             : #include "php_globals.h"
      26             : #include "SAPI.h"
      27             : 
      28             : #include <stdio.h>
      29             : #include <stdlib.h>
      30             : #include <errno.h>
      31             : #include <sys/types.h>
      32             : #include <sys/stat.h>
      33             : #include <fcntl.h>
      34             : 
      35             : #ifdef PHP_WIN32
      36             : #define O_RDONLY _O_RDONLY
      37             : #include "win32/param.h"
      38             : #else
      39             : #include <sys/param.h>
      40             : #endif
      41             : 
      42             : #include "ext/standard/head.h"
      43             : #include "ext/standard/php_standard.h"
      44             : #include "zend_compile.h"
      45             : #include "php_network.h"
      46             : 
      47             : #if HAVE_PWD_H
      48             : #include <pwd.h>
      49             : #endif
      50             : 
      51             : #include <sys/types.h>
      52             : #if HAVE_SYS_SOCKET_H
      53             : #include <sys/socket.h>
      54             : #endif
      55             : 
      56             : #ifndef S_ISREG
      57             : #define S_ISREG(mode)   (((mode) & S_IFMT) == S_IFREG)
      58             : #endif
      59             : 
      60             : #ifdef PHP_WIN32
      61             : #include <winsock2.h>
      62             : #elif defined(NETWARE) && defined(USE_WINSOCK)
      63             : #include <novsock2.h>
      64             : #else
      65             : #include <netinet/in.h>
      66             : #include <netdb.h>
      67             : #if HAVE_ARPA_INET_H
      68             : #include <arpa/inet.h>
      69             : #endif
      70             : #endif
      71             : 
      72             : #if defined(PHP_WIN32) || defined(__riscos__) || defined(NETWARE)
      73             : #undef AF_UNIX
      74             : #endif
      75             : 
      76             : #if defined(AF_UNIX)
      77             : #include <sys/un.h>
      78             : #endif
      79             : /* }}} */
      80             : 
      81             : /* {{{ OnUpdateBaseDir
      82             : Allows any change to open_basedir setting in during Startup and Shutdown events,
      83             : or a tightening during activation/runtime/deactivation */
      84       20933 : PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
      85             : {
      86             :         char **p, *pathbuf, *ptr, *end;
      87             : #ifndef ZTS
      88       20933 :         char *base = (char *) mh_arg2;
      89             : #else
      90             :         char *base = (char *) ts_resource(*((int *) mh_arg2));
      91             : #endif
      92             : 
      93       20933 :         p = (char **) (base + (size_t) mh_arg1);
      94             : 
      95       20933 :         if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN || stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) {
      96             :                 /* We're in a PHP_INI_SYSTEM context, no restrictions */
      97       20924 :                 *p = new_value ? new_value->val : NULL;
      98       20924 :                 return SUCCESS;
      99             :         }
     100             : 
     101             :         /* Otherwise we're in runtime */
     102           9 :         if (!*p || !**p) {
     103             :                 /* open_basedir not set yet, go ahead and give it a value */
     104           7 :                 *p = new_value->val;
     105           7 :                 return SUCCESS;
     106             :         }
     107             : 
     108             :         /* Shortcut: When we have a open_basedir and someone tries to unset, we know it'll fail */
     109           2 :         if (!new_value || !*new_value->val) {
     110           0 :                 return FAILURE;
     111             :         }
     112             : 
     113             :         /* Is the proposed open_basedir at least as restrictive as the current setting? */
     114           2 :         ptr = pathbuf = estrdup(new_value->val);
     115           5 :         while (ptr && *ptr) {
     116           2 :                 end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
     117           2 :                 if (end != NULL) {
     118           0 :                         *end = '\0';
     119           0 :                         end++;
     120             :                 }
     121           2 :                 if (php_check_open_basedir_ex(ptr, 0) != 0) {
     122             :                         /* At least one portion of this open_basedir is less restrictive than the prior one, FAIL */
     123           1 :                         efree(pathbuf);
     124           1 :                         return FAILURE;
     125             :                 }
     126           1 :                 ptr = end;
     127             :         }
     128           1 :         efree(pathbuf);
     129             : 
     130             :         /* Everything checks out, set it */
     131           1 :         *p = new_value->val;
     132             : 
     133           1 :         return SUCCESS;
     134             : }
     135             : /* }}} */
     136             : 
     137             : /* {{{ php_check_specific_open_basedir
     138             :         When open_basedir is not NULL, check if the given filename is located in
     139             :         open_basedir. Returns -1 if error or not in the open_basedir, else 0.
     140             :         When open_basedir is NULL, always return 0.
     141             : */
     142        1090 : PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path)
     143             : {
     144             :         char resolved_name[MAXPATHLEN];
     145             :         char resolved_basedir[MAXPATHLEN];
     146             :         char local_open_basedir[MAXPATHLEN];
     147             :         char path_tmp[MAXPATHLEN];
     148             :         char *path_file;
     149             :         int resolved_basedir_len;
     150             :         int resolved_name_len;
     151             :         int path_len;
     152        1090 :         int nesting_level = 0;
     153             : 
     154             :         /* Special case basedir==".": Use script-directory */
     155        1090 :         if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {
     156             :                 /* Else use the unmodified path */
     157          23 :                 strlcpy(local_open_basedir, basedir, sizeof(local_open_basedir));
     158             :         }
     159             : 
     160        1090 :         path_len = (int)strlen(path);
     161        1090 :         if (path_len > (MAXPATHLEN - 1)) {
     162             :                 /* empty and too long paths are invalid */
     163           0 :                 return -1;
     164             :         }
     165             : 
     166             :         /* normalize and expand path */
     167        1090 :         if (expand_filepath(path, resolved_name) == NULL) {
     168           1 :                 return -1;
     169             :         }
     170             : 
     171        1089 :         path_len = (int)strlen(resolved_name);
     172        1089 :         memcpy(path_tmp, resolved_name, path_len + 1); /* safe */
     173             : 
     174        2538 :         while (VCWD_REALPATH(path_tmp, resolved_name) == NULL) {
     175             : #if defined(PHP_WIN32) || defined(HAVE_SYMLINK)
     176         360 :                 if (nesting_level == 0) {
     177             :                         int ret;
     178             :                         char buf[MAXPATHLEN];
     179             : 
     180         357 :                         ret = php_sys_readlink(path_tmp, buf, MAXPATHLEN - 1);
     181         357 :                         if (ret < 0) {
     182             :                                 /* not a broken symlink, move along.. */
     183             :                         } else {
     184             :                                 /* put the real path into the path buffer */
     185           0 :                                 memcpy(path_tmp, buf, ret);
     186           0 :                                 path_tmp[ret] = '\0';
     187             :                         }
     188             :                 }
     189             : #endif
     190             : 
     191             : #if defined(PHP_WIN32) || defined(NETWARE)
     192             :                 path_file = strrchr(path_tmp, DEFAULT_SLASH);
     193             :                 if (!path_file) {
     194             :                         path_file = strrchr(path_tmp, '/');
     195             :                 }
     196             : #else
     197         360 :                 path_file = strrchr(path_tmp, DEFAULT_SLASH);
     198             : #endif
     199         360 :                 if (!path_file) {
     200             :                         /* none of the path components exist. definitely not in open_basedir.. */
     201           0 :                         return -1;
     202             :                 } else {
     203         360 :                         path_len = path_file - path_tmp + 1;
     204             : #if defined(PHP_WIN32) || defined(NETWARE)
     205             :                         if (path_len > 1 && path_tmp[path_len - 2] == ':') {
     206             :                                 if (path_len != 3) {
     207             :                                         return -1;
     208             :                                 }
     209             :                                 /* this is c:\ */
     210             :                                 path_tmp[path_len] = '\0';
     211             :                         } else {
     212             :                                 path_tmp[path_len - 1] = '\0';
     213             :                         }
     214             : #else
     215         360 :                         path_tmp[path_len - 1] = '\0';
     216             : #endif
     217             :                 }
     218         360 :                 nesting_level++;
     219             :         }
     220             : 
     221             :         /* Resolve open_basedir to resolved_basedir */
     222        1089 :         if (expand_filepath(local_open_basedir, resolved_basedir) != NULL) {
     223        1089 :                 int basedir_len = (int)strlen(basedir);
     224             :                 /* Handler for basedirs that end with a / */
     225        1089 :                 resolved_basedir_len = (int)strlen(resolved_basedir);
     226             : #if defined(PHP_WIN32) || defined(NETWARE)
     227             :                 if (basedir[basedir_len - 1] == PHP_DIR_SEPARATOR || basedir[basedir_len - 1] == '/') {
     228             : #else
     229        1089 :                 if (basedir[basedir_len - 1] == PHP_DIR_SEPARATOR) {
     230             : #endif
     231           3 :                         if (resolved_basedir[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR) {
     232           0 :                                 resolved_basedir[resolved_basedir_len] = PHP_DIR_SEPARATOR;
     233           0 :                                 resolved_basedir[++resolved_basedir_len] = '\0';
     234             :                         }
     235             :                 } else {
     236        1086 :                                 resolved_basedir[resolved_basedir_len++] = PHP_DIR_SEPARATOR;
     237        1086 :                                 resolved_basedir[resolved_basedir_len] = '\0';
     238             :                 }
     239             : 
     240        1089 :                 resolved_name_len = (int)strlen(resolved_name);
     241        1089 :                 if (path_tmp[path_len - 1] == PHP_DIR_SEPARATOR) {
     242          69 :                         if (resolved_name[resolved_name_len - 1] != PHP_DIR_SEPARATOR) {
     243          37 :                                 resolved_name[resolved_name_len] = PHP_DIR_SEPARATOR;
     244          37 :                                 resolved_name[++resolved_name_len] = '\0';
     245             :                         }
     246             :                 }
     247             : 
     248             :                 /* Check the path */
     249             : #if defined(PHP_WIN32) || defined(NETWARE)
     250             :                 if (strncasecmp(resolved_basedir, resolved_name, resolved_basedir_len) == 0) {
     251             : #else
     252        1089 :                 if (strncmp(resolved_basedir, resolved_name, resolved_basedir_len) == 0) {
     253             : #endif
     254        1001 :                         if (resolved_name_len > resolved_basedir_len &&
     255         499 :                                 resolved_name[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR) {
     256           0 :                                 return -1;
     257             :                         } else {
     258             :                                 /* File is in the right directory */
     259         502 :                                 return 0;
     260             :                         }
     261             :                 } else {
     262             :                         /* /openbasedir/ and /openbasedir are the same directory */
     263         587 :                         if (resolved_basedir_len == (resolved_name_len + 1) && resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {
     264             : #if defined(PHP_WIN32) || defined(NETWARE)
     265             :                                 if (strncasecmp(resolved_basedir, resolved_name, resolved_name_len) == 0) {
     266             : #else
     267         247 :                                 if (strncmp(resolved_basedir, resolved_name, resolved_name_len) == 0) {
     268             : #endif
     269         246 :                                         return 0;
     270             :                                 }
     271             :                         }
     272         341 :                         return -1;
     273             :                 }
     274             :         } else {
     275             :                 /* Unable to resolve the real path, return -1 */
     276           0 :                 return -1;
     277             :         }
     278             : }
     279             : /* }}} */
     280             : 
     281      414731 : PHPAPI int php_check_open_basedir(const char *path)
     282             : {
     283      414731 :         return php_check_open_basedir_ex(path, 1);
     284             : }
     285             : 
     286             : /* {{{ php_check_open_basedir
     287             :  */
     288      471988 : PHPAPI int php_check_open_basedir_ex(const char *path, int warn)
     289             : {
     290             :         /* Only check when open_basedir is available */
     291      471988 :         if (PG(open_basedir) && *PG(open_basedir)) {
     292             :                 char *pathbuf;
     293             :                 char *ptr;
     294             :                 char *end;
     295             : 
     296             :                 /* Check if the path is too long so we can give a more useful error
     297             :                 * message. */
     298        1091 :                 if (strlen(path) > (MAXPATHLEN - 1)) {
     299           1 :                         php_error_docref(NULL, E_WARNING, "File name is longer than the maximum allowed path length on this platform (%d): %s", MAXPATHLEN, path);
     300           1 :                         errno = EINVAL;
     301           1 :                         return -1;
     302             :                 }
     303             : 
     304        1090 :                 pathbuf = estrdup(PG(open_basedir));
     305             : 
     306        1090 :                 ptr = pathbuf;
     307             : 
     308        2522 :                 while (ptr && *ptr) {
     309        1090 :                         end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
     310        1090 :                         if (end != NULL) {
     311           0 :                                 *end = '\0';
     312           0 :                                 end++;
     313             :                         }
     314             : 
     315        1090 :                         if (php_check_specific_open_basedir(ptr, path) == 0) {
     316         748 :                                 efree(pathbuf);
     317         748 :                                 return 0;
     318             :                         }
     319             : 
     320         342 :                         ptr = end;
     321             :                 }
     322         342 :                 if (warn) {
     323         315 :                         php_error_docref(NULL, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
     324             :                 }
     325         342 :                 efree(pathbuf);
     326         342 :                 errno = EPERM; /* we deny permission to open it */
     327         342 :                 return -1;
     328             :         }
     329             : 
     330             :         /* Nothing to check... */
     331      470897 :         return 0;
     332             : }
     333             : /* }}} */
     334             : 
     335             : /* {{{ php_fopen_and_set_opened_path
     336             :  */
     337         148 : static FILE *php_fopen_and_set_opened_path(const char *path, const char *mode, zend_string **opened_path)
     338             : {
     339             :         FILE *fp;
     340             : 
     341         148 :         if (php_check_open_basedir((char *)path)) {
     342           0 :                 return NULL;
     343             :         }
     344         148 :         fp = VCWD_FOPEN(path, mode);
     345         148 :         if (fp && opened_path) {
     346             :                 //TODO :avoid reallocation
     347           0 :                 char *tmp = expand_filepath_with_mode(path, NULL, NULL, 0, CWD_EXPAND);
     348           0 :                 if (tmp) {
     349           0 :                         *opened_path = zend_string_init(tmp, strlen(tmp), 0);
     350           0 :                         efree(tmp);
     351             :                 }
     352             :         }
     353         148 :         return fp;
     354             : }
     355             : /* }}} */
     356             : 
     357             : /* {{{ php_fopen_primary_script
     358             :  */
     359         403 : PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle)
     360             : {
     361             :         char *path_info;
     362         403 :         char *filename = NULL;
     363         403 :         zend_string *resolved_path = NULL;
     364             :         int length;
     365             :         zend_bool orig_display_errors;
     366             : 
     367         403 :         path_info = SG(request_info).request_uri;
     368             : #if HAVE_PWD_H
     369         403 :         if (PG(user_dir) && *PG(user_dir) && path_info && '/' == path_info[0] && '~' == path_info[1]) {
     370           0 :                 char *s = strchr(path_info + 2, '/');
     371             : 
     372           0 :                 if (s) {                        /* if there is no path name after the file, do not bother */
     373             :                         char user[32];                  /* to try open the directory */
     374             :                         struct passwd *pw;
     375             : #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
     376             :                         struct passwd pwstruc;
     377             :                         long pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
     378             :                         char *pwbuf;
     379             : 
     380             :                         if (pwbuflen < 1) {
     381             :                                 return FAILURE;
     382             :                         }
     383             : 
     384             :                         pwbuf = emalloc(pwbuflen);
     385             : #endif
     386           0 :                         length = s - (path_info + 2);
     387           0 :                         if (length > (int)sizeof(user) - 1) {
     388           0 :                                 length = sizeof(user) - 1;
     389             :                         }
     390           0 :                         memcpy(user, path_info + 2, length);
     391           0 :                         user[length] = '\0';
     392             : #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
     393             :                         if (getpwnam_r(user, &pwstruc, pwbuf, pwbuflen, &pw)) {
     394             :                                 efree(pwbuf);
     395             :                                 return FAILURE;
     396             :                         }
     397             : #else
     398           0 :                         pw = getpwnam(user);
     399             : #endif
     400           0 :                         if (pw && pw->pw_dir) {
     401           0 :                                 spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */
     402             :                         } else {
     403           0 :                                 filename = SG(request_info).path_translated;
     404             :                         }
     405             : #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
     406             :                         efree(pwbuf);
     407             : #endif
     408             :                 }
     409             :         } else
     410             : #endif
     411         403 :         if (PG(doc_root) && path_info && (length = (int)strlen(PG(doc_root))) &&
     412           0 :                 IS_ABSOLUTE_PATH(PG(doc_root), length)) {
     413           0 :                 int path_len = (int)strlen(path_info);
     414           0 :                 filename = emalloc(length + path_len + 2);
     415           0 :                 if (filename) {
     416           0 :                         memcpy(filename, PG(doc_root), length);
     417           0 :                         if (!IS_SLASH(filename[length - 1])) {  /* length is never 0 */
     418           0 :                                 filename[length++] = PHP_DIR_SEPARATOR;
     419             :                         }
     420           0 :                         if (IS_SLASH(path_info[0])) {
     421           0 :                                 length--;
     422             :                         }
     423           0 :                         strncpy(filename + length, path_info, path_len + 1);
     424             :                 }
     425             :         } else {
     426         403 :                 filename = SG(request_info).path_translated;
     427             :         }
     428             : 
     429             : 
     430         403 :         if (filename) {
     431         403 :                 resolved_path = zend_resolve_path(filename, (int)strlen(filename));
     432             :         }
     433             : 
     434         403 :         if (!resolved_path) {
     435           7 :                 if (SG(request_info).path_translated != filename) {
     436           0 :                         if (filename) {
     437           0 :                                 efree(filename);
     438             :                         }
     439             :                 }
     440             :                 /* we have to free SG(request_info).path_translated here because
     441             :                  * php_destroy_request_info assumes that it will get
     442             :                  * freed when the include_names hash is emptied, but
     443             :                  * we're not adding it in this case */
     444           7 :                 if (SG(request_info).path_translated) {
     445           7 :                         efree(SG(request_info).path_translated);
     446           7 :                         SG(request_info).path_translated = NULL;
     447             :                 }
     448           7 :                 return FAILURE;
     449             :         }
     450             :         zend_string_release(resolved_path);
     451             : 
     452         396 :         orig_display_errors = PG(display_errors);
     453         396 :         PG(display_errors) = 0;
     454         396 :         if (zend_stream_open(filename, file_handle) == FAILURE) {
     455           0 :                 PG(display_errors) = orig_display_errors;
     456           0 :                 if (SG(request_info).path_translated != filename) {
     457           0 :                         if (filename) {
     458           0 :                                 efree(filename);
     459             :                         }
     460             :                 }
     461           0 :                 if (SG(request_info).path_translated) {
     462           0 :                         efree(SG(request_info).path_translated);
     463           0 :                         SG(request_info).path_translated = NULL;
     464             :                 }
     465           0 :                 return FAILURE;
     466             :         }
     467         396 :         PG(display_errors) = orig_display_errors;
     468             : 
     469         396 :         if (SG(request_info).path_translated != filename) {
     470           0 :                 if (SG(request_info).path_translated) {
     471           0 :                         efree(SG(request_info).path_translated);
     472             :                 }
     473           0 :                 SG(request_info).path_translated = filename;
     474             :         }
     475             : 
     476         396 :         return SUCCESS;
     477             : }
     478             : /* }}} */
     479             : 
     480             : /* {{{ php_resolve_path
     481             :  * Returns the realpath for given filename according to include path
     482             :  */
     483       14921 : PHPAPI zend_string *php_resolve_path(const char *filename, int filename_length, const char *path)
     484             : {
     485             :         char resolved_path[MAXPATHLEN];
     486             :         char trypath[MAXPATHLEN];
     487             :         const char *ptr, *end, *p;
     488             :         const char *actual_path;
     489             :         php_stream_wrapper *wrapper;
     490             :         zend_string *exec_filename;
     491             : 
     492       14921 :         if (!filename || CHECK_NULL_PATH(filename, filename_length)) {
     493           0 :                 return NULL;
     494             :         }
     495             : 
     496             :         /* Don't resolve paths which contain protocol (except of file://) */
     497       14921 :         for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
     498       14921 :         if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) {
     499         292 :                 wrapper = php_stream_locate_url_wrapper(filename, &actual_path, STREAM_OPEN_FOR_INCLUDE);
     500         292 :                 if (wrapper == &php_plain_files_wrapper) {
     501           4 :                         if (tsrm_realpath(actual_path, resolved_path)) {
     502           4 :                                 return zend_string_init(resolved_path, strlen(resolved_path), 0);
     503             :                         }
     504             :                 }
     505         290 :                 return NULL;
     506             :         }
     507             : 
     508       35278 :         if ((*filename == '.' &&
     509           4 :              (IS_SLASH(filename[1]) ||
     510           0 :               ((filename[1] == '.') && IS_SLASH(filename[2])))) ||
     511       14625 :             IS_ABSOLUTE_PATH(filename, filename_length) ||
     512             :             !path ||
     513        6020 :             !*path) {
     514        8609 :                 if (tsrm_realpath(filename, resolved_path)) {
     515       17196 :                         return zend_string_init(resolved_path, strlen(resolved_path), 0);
     516             :                 } else {
     517          11 :                         return NULL;
     518             :                 }
     519             :         }
     520             : 
     521        6020 :         ptr = path;
     522       23911 :         while (ptr && *ptr) {
     523             :                 /* Check for stream wrapper */
     524       11987 :                 int is_stream_wrapper = 0;
     525             : 
     526       11987 :                 for (p = ptr; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
     527       11987 :                 if ((*p == ':') && (p - ptr > 1) && (p[1] == '/') && (p[2] == '/')) {
     528             :                         /* .:// or ..:// is not a stream wrapper */
     529          45 :                         if (p[-1] != '.' || p[-2] != '.' || p - 2 != ptr) {
     530          45 :                                 p += 3;
     531          45 :                                 is_stream_wrapper = 1;
     532             :                         }
     533             :                 }
     534       11987 :                 end = strchr(p, DEFAULT_DIR_SEPARATOR);
     535       11987 :                 if (end) {
     536        6078 :                         if ((end-ptr) + 1 + filename_length + 1 >= MAXPATHLEN) {
     537           0 :                                 ptr = end + 1;
     538           0 :                                 continue;
     539             :                         }
     540        6078 :                         memcpy(trypath, ptr, end-ptr);
     541        6078 :                         trypath[end-ptr] = '/';
     542        6078 :                         memcpy(trypath+(end-ptr)+1, filename, filename_length+1);
     543        6078 :                         ptr = end+1;
     544             :                 } else {
     545        5909 :                         int len = (int)strlen(ptr);
     546             : 
     547        5909 :                         if (len + 1 + filename_length + 1 >= MAXPATHLEN) {
     548           0 :                                 break;
     549             :                         }
     550        5909 :                         memcpy(trypath, ptr, len);
     551        5909 :                         trypath[len] = '/';
     552        5909 :                         memcpy(trypath+len+1, filename, filename_length+1);
     553        5909 :                         ptr = NULL;
     554             :                 }
     555       11987 :                 actual_path = trypath;
     556       11987 :                 if (is_stream_wrapper) {
     557          45 :                         wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
     558          45 :                         if (!wrapper) {
     559           0 :                                 continue;
     560          45 :                         } else if (wrapper != &php_plain_files_wrapper) {
     561          45 :                                 if (wrapper->wops->url_stat) {
     562             :                                         php_stream_statbuf ssb;
     563             : 
     564          45 :                                         if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
     565          66 :                                                 return zend_string_init(trypath, strlen(trypath), 0);
     566             :                                         }
     567             :                                 }
     568          12 :                                 continue;
     569             :                         }
     570             :                 }
     571       11942 :                 if (tsrm_realpath(actual_path, resolved_path)) {
     572         166 :                         return zend_string_init(resolved_path, strlen(resolved_path), 0);
     573             :                 }
     574             :         } /* end provided path */
     575             : 
     576             :         /* check in calling scripts' current working directory as a fall back case
     577             :          */
     578       11801 :         if (zend_is_executing() &&
     579        5897 :             (exec_filename = zend_get_executed_filename_ex()) != NULL) {
     580        5897 :                 const char *exec_fname = exec_filename->val;
     581        5897 :                 size_t exec_fname_length = exec_filename->len;
     582             : 
     583      143950 :                 while ((--exec_fname_length < SIZE_MAX) && !IS_SLASH(exec_fname[exec_fname_length]));
     584       11794 :                 if (exec_fname_length > 0 &&
     585        5897 :                     exec_fname_length + 1 + filename_length + 1 < MAXPATHLEN) {
     586        5897 :                         memcpy(trypath, exec_fname, exec_fname_length + 1);
     587        5897 :                         memcpy(trypath+exec_fname_length + 1, filename, filename_length+1);
     588        5897 :                         actual_path = trypath;
     589             : 
     590             :                         /* Check for stream wrapper */
     591        5897 :                         for (p = trypath; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
     592        5897 :                         if ((*p == ':') && (p - trypath > 1) && (p[1] == '/') && (p[2] == '/')) {
     593           4 :                                 wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
     594           4 :                                 if (!wrapper) {
     595           0 :                                         return NULL;
     596           4 :                                 } else if (wrapper != &php_plain_files_wrapper) {
     597           4 :                                         if (wrapper->wops->url_stat) {
     598             :                                                 php_stream_statbuf ssb;
     599             : 
     600           4 :                                                 if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
     601           4 :                                                         return zend_string_init(trypath, strlen(trypath), 0);
     602             :                                                 }
     603             :                                         }
     604           2 :                                         return NULL;
     605             :                                 }
     606             :                         }
     607             : 
     608        5893 :                         if (tsrm_realpath(actual_path, resolved_path)) {
     609       11642 :                                 return zend_string_init(resolved_path, strlen(resolved_path), 0);
     610             :                         }
     611             :                 }
     612             :         }
     613             : 
     614          79 :         return NULL;
     615             : }
     616             : /* }}} */
     617             : 
     618             : /* {{{ php_fopen_with_path
     619             :  * Tries to open a file with a PATH-style list of directories.
     620             :  * If the filename starts with "." or "/", the path is ignored.
     621             :  */
     622          74 : PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const char *path, zend_string **opened_path)
     623             : {
     624             :         char *pathbuf, *ptr, *end;
     625             :         char trypath[MAXPATHLEN];
     626             :         FILE *fp;
     627             :         int filename_length;
     628             :         zend_string *exec_filename;
     629             : 
     630          74 :         if (opened_path) {
     631          74 :                 *opened_path = NULL;
     632             :         }
     633             : 
     634          74 :         if (!filename) {
     635           0 :                 return NULL;
     636             :         }
     637             : 
     638          74 :         filename_length = (int)strlen(filename);
     639             : #ifndef PHP_WIN32
     640             :         (void) filename_length;
     641             : #endif
     642             : 
     643             :         /* Relative path open */
     644         222 :         if ((*filename == '.')
     645             :         /* Absolute path open */
     646          74 :          || IS_ABSOLUTE_PATH(filename, filename_length)
     647          74 :          || (!path || (path && !*path))
     648             :         ) {
     649           0 :                 return php_fopen_and_set_opened_path(filename, mode, opened_path);
     650             :         }
     651             : 
     652             :         /* check in provided path */
     653             :         /* append the calling scripts' current working directory
     654             :          * as a fall back case
     655             :          */
     656          74 :         if (zend_is_executing() &&
     657           0 :             (exec_filename = zend_get_executed_filename_ex()) != NULL) {
     658           0 :                 const char *exec_fname = exec_filename->val;
     659           0 :                 size_t exec_fname_length = exec_filename->len;
     660             : 
     661           0 :                 while ((--exec_fname_length < SIZE_MAX) && !IS_SLASH(exec_fname[exec_fname_length]));
     662           0 :                 if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) {
     663             :                         /* [no active file] or no path */
     664           0 :                         pathbuf = estrdup(path);
     665             :                 } else {
     666           0 :                         size_t path_length = strlen(path);
     667             : 
     668           0 :                         pathbuf = (char *) emalloc(exec_fname_length + path_length + 1 + 1);
     669           0 :                         memcpy(pathbuf, path, path_length);
     670           0 :                         pathbuf[path_length] = DEFAULT_DIR_SEPARATOR;
     671           0 :                         memcpy(pathbuf + path_length + 1, exec_fname, exec_fname_length);
     672           0 :                         pathbuf[path_length + exec_fname_length + 1] = '\0';
     673             :                 }
     674             :         } else {
     675          74 :                 pathbuf = estrdup(path);
     676             :         }
     677             : 
     678          74 :         ptr = pathbuf;
     679             : 
     680         296 :         while (ptr && *ptr) {
     681         148 :                 end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
     682         148 :                 if (end != NULL) {
     683          74 :                         *end = '\0';
     684          74 :                         end++;
     685             :                 }
     686         148 :                 if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) >= MAXPATHLEN) {
     687           0 :                         php_error_docref(NULL, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN);
     688             :                 }
     689         148 :                 fp = php_fopen_and_set_opened_path(trypath, mode, opened_path);
     690         148 :                 if (fp) {
     691           0 :                         efree(pathbuf);
     692           0 :                         return fp;
     693             :                 }
     694         148 :                 ptr = end;
     695             :         } /* end provided path */
     696             : 
     697          74 :         efree(pathbuf);
     698          74 :         return NULL;
     699             : }
     700             : /* }}} */
     701             : 
     702             : /* {{{ php_strip_url_passwd
     703             :  */
     704         537 : PHPAPI char *php_strip_url_passwd(char *url)
     705             : {
     706             :         register char *p, *url_start;
     707             : 
     708         537 :         if (url == NULL) {
     709           0 :                 return "";
     710             :         }
     711             : 
     712         537 :         p = url;
     713             : 
     714       18074 :         while (*p) {
     715       17153 :                 if (*p == ':' && *(p + 1) == '/' && *(p + 2) == '/') {
     716             :                         /* found protocol */
     717         153 :                         url_start = p = p + 3;
     718             : 
     719        7250 :                         while (*p) {
     720        6946 :                                 if (*p == '@') {
     721             :                                         int i;
     722             : 
     723           8 :                                         for (i = 0; i < 3 && url_start < p; i++, url_start++) {
     724           6 :                                                 *url_start = '.';
     725             :                                         }
     726          24 :                                         for (; *p; p++) {
     727          22 :                                                 *url_start++ = *p;
     728             :                                         }
     729           2 :                                         *url_start=0;
     730           2 :                                         break;
     731             :                                 }
     732        6944 :                                 p++;
     733             :                         }
     734         153 :                         return url;
     735             :                 }
     736       17000 :                 p++;
     737             :         }
     738         384 :         return url;
     739             : }
     740             : /* }}} */
     741             : 
     742             : /* {{{ expand_filepath
     743             :  */
     744      116082 : PHPAPI char *expand_filepath(const char *filepath, char *real_path)
     745             : {
     746      116082 :         return expand_filepath_ex(filepath, real_path, NULL, 0);
     747             : }
     748             : /* }}} */
     749             : 
     750             : /* {{{ expand_filepath_ex
     751             :  */
     752      116250 : PHPAPI char *expand_filepath_ex(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len)
     753             : {
     754      116250 :         return expand_filepath_with_mode(filepath, real_path, relative_to, relative_to_len, CWD_FILEPATH);
     755             : }
     756             : /* }}} */
     757             : 
     758             : /* {{{ expand_filepath_use_realpath
     759             :  */
     760      116846 : PHPAPI char *expand_filepath_with_mode(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len, int realpath_mode)
     761             : {
     762             :         cwd_state new_state;
     763             :         char cwd[MAXPATHLEN];
     764             :         int copy_len;
     765             :         int path_len;
     766             : 
     767      116846 :         if (!filepath[0]) {
     768           2 :                 return NULL;
     769             :         }
     770             : 
     771      116844 :         path_len = (int)strlen(filepath);
     772             : 
     773      116844 :         if (IS_ABSOLUTE_PATH(filepath, path_len)) {
     774      115598 :                 cwd[0] = '\0';
     775             :         } else {
     776        1246 :                 const char *iam = SG(request_info).path_translated;
     777             :                 const char *result;
     778        1246 :                 if (relative_to) {
     779          32 :                         if (relative_to_len > MAXPATHLEN-1U) {
     780           0 :                                 return NULL;
     781             :                         }
     782          32 :                         result = relative_to;
     783          32 :                         memcpy(cwd, relative_to, relative_to_len+1U);
     784             :                 } else {
     785        1214 :                         result = VCWD_GETCWD(cwd, MAXPATHLEN);
     786             :                 }
     787             : 
     788        1246 :                 if (!result && (iam != filepath)) {
     789           0 :                         int fdtest = -1;
     790             : 
     791           0 :                         fdtest = VCWD_OPEN(filepath, O_RDONLY);
     792           0 :                         if (fdtest != -1) {
     793             :                                 /* return a relative file path if for any reason
     794             :                                  * we cannot cannot getcwd() and the requested,
     795             :                                  * relatively referenced file is accessible */
     796           0 :                                 copy_len = path_len > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : path_len;
     797           0 :                                 if (real_path) {
     798           0 :                                         memcpy(real_path, filepath, copy_len);
     799           0 :                                         real_path[copy_len] = '\0';
     800             :                                 } else {
     801           0 :                                         real_path = estrndup(filepath, copy_len);
     802             :                                 }
     803           0 :                                 close(fdtest);
     804           0 :                                 return real_path;
     805             :                         } else {
     806           0 :                                 cwd[0] = '\0';
     807             :                         }
     808        1246 :                 } else if (!result) {
     809           0 :                         cwd[0] = '\0';
     810             :                 }
     811             :         }
     812             : 
     813      116844 :         new_state.cwd = estrdup(cwd);
     814      116844 :         new_state.cwd_length = (int)strlen(cwd);
     815             : 
     816      116844 :         if (virtual_file_ex(&new_state, filepath, NULL, realpath_mode)) {
     817           3 :                 efree(new_state.cwd);
     818           3 :                 return NULL;
     819             :         }
     820             : 
     821      116841 :         if (real_path) {
     822       93700 :                 copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length;
     823       93700 :                 memcpy(real_path, new_state.cwd, copy_len);
     824       93700 :                 real_path[copy_len] = '\0';
     825             :         } else {
     826       23141 :                 real_path = estrndup(new_state.cwd, new_state.cwd_length);
     827             :         }
     828      116841 :         efree(new_state.cwd);
     829             : 
     830      116841 :         return real_path;
     831             : }
     832             : /* }}} */
     833             : 
     834             : /*
     835             :  * Local variables:
     836             :  * tab-width: 4
     837             :  * c-basic-offset: 4
     838             :  * End:
     839             :  * vim600: sw=4 ts=4 fdm=marker
     840             :  * vim<600: sw=4 ts=4
     841             :  */

Generated by: LCOV version 1.10

Generated at Thu, 21 May 2015 19:59:09 +0000 (5 days ago)

Copyright © 2005-2015 The PHP Group
All rights reserved.