1 /*
2 +----------------------------------------------------------------------+
3 | PHP Version 7 |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1997-2018 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Rasmus Lerdorf <rasmus@lerdorf.on.ca> |
16 | Jim Winstead <jimw@php.net> |
17 +----------------------------------------------------------------------+
18 */
19
20 /* $Id$ */
21
22 /* {{{ includes
23 */
24 #include "php.h"
25 #include "php_globals.h"
26 #include "SAPI.h"
27
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <errno.h>
31 #include <sys/types.h>
32 #include <sys/stat.h>
33 #include <fcntl.h>
34
35 #ifdef PHP_WIN32
36 #define O_RDONLY _O_RDONLY
37 #include "win32/param.h"
38 #else
39 #include <sys/param.h>
40 #endif
41
42 #include "ext/standard/head.h"
43 #include "ext/standard/php_standard.h"
44 #include "zend_compile.h"
45 #include "php_network.h"
46
47 #if HAVE_PWD_H
48 #include <pwd.h>
49 #endif
50
51 #include <sys/types.h>
52 #if HAVE_SYS_SOCKET_H
53 #include <sys/socket.h>
54 #endif
55
56 #ifdef PHP_WIN32
57 #include <winsock2.h>
58 #else
59 #include <netinet/in.h>
60 #include <netdb.h>
61 #if HAVE_ARPA_INET_H
62 #include <arpa/inet.h>
63 #endif
64 #endif
65
66 #if defined(PHP_WIN32) || defined(__riscos__)
67 #undef AF_UNIX
68 #endif
69
70 #if defined(AF_UNIX)
71 #include <sys/un.h>
72 #endif
73 /* }}} */
74
75 /* {{{ OnUpdateBaseDir
76 Allows any change to open_basedir setting in during Startup and Shutdown events,
77 or a tightening during activation/runtime/deactivation */
ZEND_INI_MH(OnUpdateBaseDir)78 PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
79 {
80 char **p, *pathbuf, *ptr, *end;
81 #ifndef ZTS
82 char *base = (char *) mh_arg2;
83 #else
84 char *base = (char *) ts_resource(*((int *) mh_arg2));
85 #endif
86
87 p = (char **) (base + (size_t) mh_arg1);
88
89 if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN || stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) {
90 /* We're in a PHP_INI_SYSTEM context, no restrictions */
91 *p = new_value ? ZSTR_VAL(new_value) : NULL;
92 return SUCCESS;
93 }
94
95 /* Otherwise we're in runtime */
96 if (!*p || !**p) {
97 /* open_basedir not set yet, go ahead and give it a value */
98 *p = ZSTR_VAL(new_value);
99 return SUCCESS;
100 }
101
102 /* Shortcut: When we have a open_basedir and someone tries to unset, we know it'll fail */
103 if (!new_value || !*ZSTR_VAL(new_value)) {
104 return FAILURE;
105 }
106
107 /* Is the proposed open_basedir at least as restrictive as the current setting? */
108 ptr = pathbuf = estrdup(ZSTR_VAL(new_value));
109 while (ptr && *ptr) {
110 end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
111 if (end != NULL) {
112 *end = '\0';
113 end++;
114 }
115 if (php_check_open_basedir_ex(ptr, 0) != 0) {
116 /* At least one portion of this open_basedir is less restrictive than the prior one, FAIL */
117 efree(pathbuf);
118 return FAILURE;
119 }
120 ptr = end;
121 }
122 efree(pathbuf);
123
124 /* Everything checks out, set it */
125 *p = ZSTR_VAL(new_value);
126
127 return SUCCESS;
128 }
129 /* }}} */
130
131 /* {{{ php_check_specific_open_basedir
132 When open_basedir is not NULL, check if the given filename is located in
133 open_basedir. Returns -1 if error or not in the open_basedir, else 0.
134 When open_basedir is NULL, always return 0.
135 */
php_check_specific_open_basedir(const char * basedir,const char * path)136 PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path)
137 {
138 char resolved_name[MAXPATHLEN];
139 char resolved_basedir[MAXPATHLEN];
140 char local_open_basedir[MAXPATHLEN];
141 char path_tmp[MAXPATHLEN];
142 char *path_file;
143 size_t resolved_basedir_len;
144 size_t resolved_name_len;
145 size_t path_len;
146 int nesting_level = 0;
147
148 /* Special case basedir==".": Use script-directory */
149 if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {
150 /* Else use the unmodified path */
151 strlcpy(local_open_basedir, basedir, sizeof(local_open_basedir));
152 }
153
154 path_len = strlen(path);
155 if (path_len > (MAXPATHLEN - 1)) {
156 /* empty and too long paths are invalid */
157 return -1;
158 }
159
160 /* normalize and expand path */
161 if (expand_filepath(path, resolved_name) == NULL) {
162 return -1;
163 }
164
165 path_len = strlen(resolved_name);
166 memcpy(path_tmp, resolved_name, path_len + 1); /* safe */
167
168 while (VCWD_REALPATH(path_tmp, resolved_name) == NULL) {
169 #if defined(PHP_WIN32) || defined(HAVE_SYMLINK)
170 if (nesting_level == 0) {
171 int ret;
172 char buf[MAXPATHLEN];
173
174 ret = php_sys_readlink(path_tmp, buf, MAXPATHLEN - 1);
175 if (ret < 0) {
176 /* not a broken symlink, move along.. */
177 } else {
178 /* put the real path into the path buffer */
179 memcpy(path_tmp, buf, ret);
180 path_tmp[ret] = '\0';
181 }
182 }
183 #endif
184
185 #ifdef PHP_WIN32
186 path_file = strrchr(path_tmp, DEFAULT_SLASH);
187 if (!path_file) {
188 path_file = strrchr(path_tmp, '/');
189 }
190 #else
191 path_file = strrchr(path_tmp, DEFAULT_SLASH);
192 #endif
193 if (!path_file) {
194 /* none of the path components exist. definitely not in open_basedir.. */
195 return -1;
196 } else {
197 path_len = path_file - path_tmp + 1;
198 #ifdef PHP_WIN32
199 if (path_len > 1 && path_tmp[path_len - 2] == ':') {
200 if (path_len != 3) {
201 return -1;
202 }
203 /* this is c:\ */
204 path_tmp[path_len] = '\0';
205 } else {
206 path_tmp[path_len - 1] = '\0';
207 }
208 #else
209 path_tmp[path_len - 1] = '\0';
210 #endif
211 }
212 nesting_level++;
213 }
214
215 /* Resolve open_basedir to resolved_basedir */
216 if (expand_filepath(local_open_basedir, resolved_basedir) != NULL) {
217 size_t basedir_len = strlen(basedir);
218 /* Handler for basedirs that end with a / */
219 resolved_basedir_len = strlen(resolved_basedir);
220 #ifdef PHP_WIN32
221 if (basedir[basedir_len - 1] == PHP_DIR_SEPARATOR || basedir[basedir_len - 1] == '/') {
222 #else
223 if (basedir[basedir_len - 1] == PHP_DIR_SEPARATOR) {
224 #endif
225 if (resolved_basedir[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR) {
226 resolved_basedir[resolved_basedir_len] = PHP_DIR_SEPARATOR;
227 resolved_basedir[++resolved_basedir_len] = '\0';
228 }
229 } else {
230 resolved_basedir[resolved_basedir_len++] = PHP_DIR_SEPARATOR;
231 resolved_basedir[resolved_basedir_len] = '\0';
232 }
233
234 resolved_name_len = strlen(resolved_name);
235 if (path_tmp[path_len - 1] == PHP_DIR_SEPARATOR) {
236 if (resolved_name[resolved_name_len - 1] != PHP_DIR_SEPARATOR) {
237 resolved_name[resolved_name_len] = PHP_DIR_SEPARATOR;
238 resolved_name[++resolved_name_len] = '\0';
239 }
240 }
241
242 /* Check the path */
243 #ifdef PHP_WIN32
244 if (strncasecmp(resolved_basedir, resolved_name, resolved_basedir_len) == 0) {
245 #else
246 if (strncmp(resolved_basedir, resolved_name, resolved_basedir_len) == 0) {
247 #endif
248 if (resolved_name_len > resolved_basedir_len &&
249 resolved_name[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR) {
250 return -1;
251 } else {
252 /* File is in the right directory */
253 return 0;
254 }
255 } else {
256 /* /openbasedir/ and /openbasedir are the same directory */
257 if (resolved_basedir_len == (resolved_name_len + 1) && resolved_basedir[resolved_basedir_len - 1] == PHP_DIR_SEPARATOR) {
258 #ifdef PHP_WIN32
259 if (strncasecmp(resolved_basedir, resolved_name, resolved_name_len) == 0) {
260 #else
261 if (strncmp(resolved_basedir, resolved_name, resolved_name_len) == 0) {
262 #endif
263 return 0;
264 }
265 }
266 return -1;
267 }
268 } else {
269 /* Unable to resolve the real path, return -1 */
270 return -1;
271 }
272 }
273 /* }}} */
274
275 PHPAPI int php_check_open_basedir(const char *path)
276 {
277 return php_check_open_basedir_ex(path, 1);
278 }
279
280 /* {{{ php_check_open_basedir
281 */
282 PHPAPI int php_check_open_basedir_ex(const char *path, int warn)
283 {
284 /* Only check when open_basedir is available */
285 if (PG(open_basedir) && *PG(open_basedir)) {
286 char *pathbuf;
287 char *ptr;
288 char *end;
289
290 /* Check if the path is too long so we can give a more useful error
291 * message. */
292 if (strlen(path) > (MAXPATHLEN - 1)) {
293 php_error_docref(NULL, E_WARNING, "File name is longer than the maximum allowed path length on this platform (%d): %s", MAXPATHLEN, path);
294 errno = EINVAL;
295 return -1;
296 }
297
298 pathbuf = estrdup(PG(open_basedir));
299
300 ptr = pathbuf;
301
302 while (ptr && *ptr) {
303 end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
304 if (end != NULL) {
305 *end = '\0';
306 end++;
307 }
308
309 if (php_check_specific_open_basedir(ptr, path) == 0) {
310 efree(pathbuf);
311 return 0;
312 }
313
314 ptr = end;
315 }
316 if (warn) {
317 php_error_docref(NULL, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));
318 }
319 efree(pathbuf);
320 errno = EPERM; /* we deny permission to open it */
321 return -1;
322 }
323
324 /* Nothing to check... */
325 return 0;
326 }
327 /* }}} */
328
329 /* {{{ php_fopen_and_set_opened_path
330 */
331 static FILE *php_fopen_and_set_opened_path(const char *path, const char *mode, zend_string **opened_path)
332 {
333 FILE *fp;
334
335 if (php_check_open_basedir((char *)path)) {
336 return NULL;
337 }
338 fp = VCWD_FOPEN(path, mode);
339 if (fp && opened_path) {
340 //TODO :avoid reallocation
341 char *tmp = expand_filepath_with_mode(path, NULL, NULL, 0, CWD_EXPAND);
342 if (tmp) {
343 *opened_path = zend_string_init(tmp, strlen(tmp), 0);
344 efree(tmp);
345 }
346 }
347 return fp;
348 }
349 /* }}} */
350
351 /* {{{ php_fopen_primary_script
352 */
353 PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle)
354 {
355 char *path_info;
356 char *filename = NULL;
357 zend_string *resolved_path = NULL;
358 int length;
359 zend_bool orig_display_errors;
360
361 path_info = SG(request_info).request_uri;
362 #if HAVE_PWD_H
363 if (PG(user_dir) && *PG(user_dir) && path_info && '/' == path_info[0] && '~' == path_info[1]) {
364 char *s = strchr(path_info + 2, '/');
365
366 if (s) { /* if there is no path name after the file, do not bother */
367 char user[32]; /* to try open the directory */
368 struct passwd *pw;
369 #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
370 struct passwd pwstruc;
371 long pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
372 char *pwbuf;
373
374 if (pwbuflen < 1) {
375 return FAILURE;
376 }
377
378 pwbuf = emalloc(pwbuflen);
379 #endif
380 length = s - (path_info + 2);
381 if (length > (int)sizeof(user) - 1) {
382 length = sizeof(user) - 1;
383 }
384 memcpy(user, path_info + 2, length);
385 user[length] = '\0';
386 #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
387 if (getpwnam_r(user, &pwstruc, pwbuf, pwbuflen, &pw)) {
388 efree(pwbuf);
389 return FAILURE;
390 }
391 #else
392 pw = getpwnam(user);
393 #endif
394 if (pw && pw->pw_dir) {
395 spprintf(&filename, 0, "%s%c%s%c%s", pw->pw_dir, PHP_DIR_SEPARATOR, PG(user_dir), PHP_DIR_SEPARATOR, s + 1); /* Safe */
396 } else {
397 filename = SG(request_info).path_translated;
398 }
399 #if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
400 efree(pwbuf);
401 #endif
402 }
403 } else
404 #endif
405 if (PG(doc_root) && path_info && (length = (int)strlen(PG(doc_root))) &&
406 IS_ABSOLUTE_PATH(PG(doc_root), length)) {
407 int path_len = (int)strlen(path_info);
408 filename = emalloc(length + path_len + 2);
409 memcpy(filename, PG(doc_root), length);
410 if (!IS_SLASH(filename[length - 1])) { /* length is never 0 */
411 filename[length++] = PHP_DIR_SEPARATOR;
412 }
413 if (IS_SLASH(path_info[0])) {
414 length--;
415 }
416 strncpy(filename + length, path_info, path_len + 1);
417 } else {
418 filename = SG(request_info).path_translated;
419 }
420
421
422 if (filename) {
423 resolved_path = zend_resolve_path(filename, (int)strlen(filename));
424 }
425
426 if (!resolved_path) {
427 if (SG(request_info).path_translated != filename) {
428 if (filename) {
429 efree(filename);
430 }
431 }
432 /* we have to free SG(request_info).path_translated here because
433 * php_destroy_request_info assumes that it will get
434 * freed when the include_names hash is emptied, but
435 * we're not adding it in this case */
436 if (SG(request_info).path_translated) {
437 efree(SG(request_info).path_translated);
438 SG(request_info).path_translated = NULL;
439 }
440 return FAILURE;
441 }
442 zend_string_release(resolved_path);
443
444 orig_display_errors = PG(display_errors);
445 PG(display_errors) = 0;
446 if (zend_stream_open(filename, file_handle) == FAILURE) {
447 PG(display_errors) = orig_display_errors;
448 if (SG(request_info).path_translated != filename) {
449 if (filename) {
450 efree(filename);
451 }
452 }
453 if (SG(request_info).path_translated) {
454 efree(SG(request_info).path_translated);
455 SG(request_info).path_translated = NULL;
456 }
457 return FAILURE;
458 }
459 PG(display_errors) = orig_display_errors;
460
461 if (SG(request_info).path_translated != filename) {
462 if (SG(request_info).path_translated) {
463 efree(SG(request_info).path_translated);
464 }
465 SG(request_info).path_translated = filename;
466 }
467
468 return SUCCESS;
469 }
470 /* }}} */
471
472 /* {{{ php_resolve_path
473 * Returns the realpath for given filename according to include path
474 */
475 PHPAPI zend_string *php_resolve_path(const char *filename, int filename_length, const char *path)
476 {
477 char resolved_path[MAXPATHLEN];
478 char trypath[MAXPATHLEN];
479 const char *ptr, *end, *p;
480 const char *actual_path;
481 php_stream_wrapper *wrapper;
482 zend_string *exec_filename;
483
484 if (!filename || CHECK_NULL_PATH(filename, filename_length)) {
485 return NULL;
486 }
487
488 /* Don't resolve paths which contain protocol (except of file://) */
489 for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
490 if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) {
491 wrapper = php_stream_locate_url_wrapper(filename, &actual_path, STREAM_OPEN_FOR_INCLUDE);
492 if (wrapper == &php_plain_files_wrapper) {
493 if (tsrm_realpath(actual_path, resolved_path)) {
494 return zend_string_init(resolved_path, strlen(resolved_path), 0);
495 }
496 }
497 return NULL;
498 }
499
500 if ((*filename == '.' &&
501 (IS_SLASH(filename[1]) ||
502 ((filename[1] == '.') && IS_SLASH(filename[2])))) ||
503 IS_ABSOLUTE_PATH(filename, filename_length) ||
504 #ifdef PHP_WIN32
505 /* This should count as an absolute local path as well, however
506 IS_ABSOLUTE_PATH doesn't care about this path form till now. It
507 might be a big thing to extend, thus just a local handling for
508 now. */
509 filename_length >=2 && IS_SLASH(filename[0]) && !IS_SLASH(filename[1]) ||
510 #endif
511 !path ||
512 !*path) {
513 if (tsrm_realpath(filename, resolved_path)) {
514 return zend_string_init(resolved_path, strlen(resolved_path), 0);
515 } else {
516 return NULL;
517 }
518 }
519
520 ptr = path;
521 while (ptr && *ptr) {
522 /* Check for stream wrapper */
523 int is_stream_wrapper = 0;
524
525 for (p = ptr; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
526 if ((*p == ':') && (p - ptr > 1) && (p[1] == '/') && (p[2] == '/')) {
527 /* .:// or ..:// is not a stream wrapper */
528 if (p[-1] != '.' || p[-2] != '.' || p - 2 != ptr) {
529 p += 3;
530 is_stream_wrapper = 1;
531 }
532 }
533 end = strchr(p, DEFAULT_DIR_SEPARATOR);
534 if (end) {
535 if (filename_length > (MAXPATHLEN - 2) || (end-ptr) > MAXPATHLEN || (end-ptr) + 1 + (size_t)filename_length + 1 >= MAXPATHLEN) {
536 ptr = end + 1;
537 continue;
538 }
539 memcpy(trypath, ptr, end-ptr);
540 trypath[end-ptr] = '/';
541 memcpy(trypath+(end-ptr)+1, filename, filename_length+1);
542 ptr = end+1;
543 } else {
544 size_t len = strlen(ptr);
545
546 if (filename_length > (MAXPATHLEN - 2) || len > MAXPATHLEN || len + 1 + (size_t)filename_length + 1 >= MAXPATHLEN) {
547 break;
548 }
549 memcpy(trypath, ptr, len);
550 trypath[len] = '/';
551 memcpy(trypath+len+1, filename, filename_length+1);
552 ptr = NULL;
553 }
554 actual_path = trypath;
555 if (is_stream_wrapper) {
556 wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
557 if (!wrapper) {
558 continue;
559 } else if (wrapper != &php_plain_files_wrapper) {
560 if (wrapper->wops->url_stat) {
561 php_stream_statbuf ssb;
562
563 if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
564 return zend_string_init(trypath, strlen(trypath), 0);
565 }
566 }
567 continue;
568 }
569 }
570 if (tsrm_realpath(actual_path, resolved_path)) {
571 return zend_string_init(resolved_path, strlen(resolved_path), 0);
572 }
573 } /* end provided path */
574
575 /* check in calling scripts' current working directory as a fall back case
576 */
577 if (zend_is_executing() &&
578 (exec_filename = zend_get_executed_filename_ex()) != NULL) {
579 const char *exec_fname = ZSTR_VAL(exec_filename);
580 size_t exec_fname_length = ZSTR_LEN(exec_filename);
581
582 while ((--exec_fname_length < SIZE_MAX) && !IS_SLASH(exec_fname[exec_fname_length]));
583 if (exec_fname_length > 0 &&
584 filename_length < (MAXPATHLEN - 2) &&
585 exec_fname_length + 1 + filename_length + 1 < MAXPATHLEN) {
586 memcpy(trypath, exec_fname, exec_fname_length + 1);
587 memcpy(trypath+exec_fname_length + 1, filename, filename_length+1);
588 actual_path = trypath;
589
590 /* Check for stream wrapper */
591 for (p = trypath; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
592 if ((*p == ':') && (p - trypath > 1) && (p[1] == '/') && (p[2] == '/')) {
593 wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
594 if (!wrapper) {
595 return NULL;
596 } else if (wrapper != &php_plain_files_wrapper) {
597 if (wrapper->wops->url_stat) {
598 php_stream_statbuf ssb;
599
600 if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
601 return zend_string_init(trypath, strlen(trypath), 0);
602 }
603 }
604 return NULL;
605 }
606 }
607
608 if (tsrm_realpath(actual_path, resolved_path)) {
609 return zend_string_init(resolved_path, strlen(resolved_path), 0);
610 }
611 }
612 }
613
614 return NULL;
615 }
616 /* }}} */
617
618 /* {{{ php_fopen_with_path
619 * Tries to open a file with a PATH-style list of directories.
620 * If the filename starts with "." or "/", the path is ignored.
621 */
622 PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const char *path, zend_string **opened_path)
623 {
624 char *pathbuf, *ptr, *end;
625 char trypath[MAXPATHLEN];
626 FILE *fp;
627 int filename_length;
628 zend_string *exec_filename;
629
630 if (opened_path) {
631 *opened_path = NULL;
632 }
633
634 if (!filename) {
635 return NULL;
636 }
637
638 filename_length = (int)strlen(filename);
639 #ifndef PHP_WIN32
640 (void) filename_length;
641 #endif
642
643 /* Relative path open */
644 if ((*filename == '.')
645 /* Absolute path open */
646 || IS_ABSOLUTE_PATH(filename, filename_length)
647 || (!path || !*path)
648 ) {
649 return php_fopen_and_set_opened_path(filename, mode, opened_path);
650 }
651
652 /* check in provided path */
653 /* append the calling scripts' current working directory
654 * as a fall back case
655 */
656 if (zend_is_executing() &&
657 (exec_filename = zend_get_executed_filename_ex()) != NULL) {
658 const char *exec_fname = ZSTR_VAL(exec_filename);
659 size_t exec_fname_length = ZSTR_LEN(exec_filename);
660
661 while ((--exec_fname_length < SIZE_MAX) && !IS_SLASH(exec_fname[exec_fname_length]));
662 if ((exec_fname && exec_fname[0] == '[') || exec_fname_length <= 0) {
663 /* [no active file] or no path */
664 pathbuf = estrdup(path);
665 } else {
666 size_t path_length = strlen(path);
667
668 pathbuf = (char *) emalloc(exec_fname_length + path_length + 1 + 1);
669 memcpy(pathbuf, path, path_length);
670 pathbuf[path_length] = DEFAULT_DIR_SEPARATOR;
671 memcpy(pathbuf + path_length + 1, exec_fname, exec_fname_length);
672 pathbuf[path_length + exec_fname_length + 1] = '\0';
673 }
674 } else {
675 pathbuf = estrdup(path);
676 }
677
678 ptr = pathbuf;
679
680 while (ptr && *ptr) {
681 end = strchr(ptr, DEFAULT_DIR_SEPARATOR);
682 if (end != NULL) {
683 *end = '\0';
684 end++;
685 }
686 if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) >= MAXPATHLEN) {
687 php_error_docref(NULL, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN);
688 }
689 fp = php_fopen_and_set_opened_path(trypath, mode, opened_path);
690 if (fp) {
691 efree(pathbuf);
692 return fp;
693 }
694 ptr = end;
695 } /* end provided path */
696
697 efree(pathbuf);
698 return NULL;
699 }
700 /* }}} */
701
702 /* {{{ php_strip_url_passwd
703 */
704 PHPAPI char *php_strip_url_passwd(char *url)
705 {
706 register char *p, *url_start;
707
708 if (url == NULL) {
709 return "";
710 }
711
712 p = url;
713
714 while (*p) {
715 if (*p == ':' && *(p + 1) == '/' && *(p + 2) == '/') {
716 /* found protocol */
717 url_start = p = p + 3;
718
719 while (*p) {
720 if (*p == '@') {
721 int i;
722
723 for (i = 0; i < 3 && url_start < p; i++, url_start++) {
724 *url_start = '.';
725 }
726 for (; *p; p++) {
727 *url_start++ = *p;
728 }
729 *url_start=0;
730 break;
731 }
732 p++;
733 }
734 return url;
735 }
736 p++;
737 }
738 return url;
739 }
740 /* }}} */
741
742 /* {{{ expand_filepath
743 */
744 PHPAPI char *expand_filepath(const char *filepath, char *real_path)
745 {
746 return expand_filepath_ex(filepath, real_path, NULL, 0);
747 }
748 /* }}} */
749
750 /* {{{ expand_filepath_ex
751 */
752 PHPAPI char *expand_filepath_ex(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len)
753 {
754 return expand_filepath_with_mode(filepath, real_path, relative_to, relative_to_len, CWD_FILEPATH);
755 }
756 /* }}} */
757
758 /* {{{ expand_filepath_use_realpath
759 */
760 PHPAPI char *expand_filepath_with_mode(const char *filepath, char *real_path, const char *relative_to, size_t relative_to_len, int realpath_mode)
761 {
762 cwd_state new_state;
763 char cwd[MAXPATHLEN];
764 int copy_len;
765 int path_len;
766
767 if (!filepath[0]) {
768 return NULL;
769 }
770
771 path_len = (int)strlen(filepath);
772
773 if (IS_ABSOLUTE_PATH(filepath, path_len)) {
774 cwd[0] = '\0';
775 } else {
776 const char *iam = SG(request_info).path_translated;
777 const char *result;
778 if (relative_to) {
779 if (relative_to_len > MAXPATHLEN-1U) {
780 return NULL;
781 }
782 result = relative_to;
783 memcpy(cwd, relative_to, relative_to_len+1U);
784 } else {
785 result = VCWD_GETCWD(cwd, MAXPATHLEN);
786 }
787
788 if (!result && (iam != filepath)) {
789 int fdtest = -1;
790
791 fdtest = VCWD_OPEN(filepath, O_RDONLY);
792 if (fdtest != -1) {
793 /* return a relative file path if for any reason
794 * we cannot cannot getcwd() and the requested,
795 * relatively referenced file is accessible */
796 copy_len = path_len > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : path_len;
797 if (real_path) {
798 memcpy(real_path, filepath, copy_len);
799 real_path[copy_len] = '\0';
800 } else {
801 real_path = estrndup(filepath, copy_len);
802 }
803 close(fdtest);
804 return real_path;
805 } else {
806 cwd[0] = '\0';
807 }
808 } else if (!result) {
809 cwd[0] = '\0';
810 }
811 }
812
813 new_state.cwd = estrdup(cwd);
814 new_state.cwd_length = (int)strlen(cwd);
815
816 if (virtual_file_ex(&new_state, filepath, NULL, realpath_mode)) {
817 efree(new_state.cwd);
818 return NULL;
819 }
820
821 if (real_path) {
822 copy_len = new_state.cwd_length > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : new_state.cwd_length;
823 memcpy(real_path, new_state.cwd, copy_len);
824 real_path[copy_len] = '\0';
825 } else {
826 real_path = estrndup(new_state.cwd, new_state.cwd_length);
827 }
828 efree(new_state.cwd);
829
830 return real_path;
831 }
832 /* }}} */
833
834 /*
835 * Local variables:
836 * tab-width: 4
837 * c-basic-offset: 4
838 * End:
839 * vim600: sw=4 ts=4 fdm=marker
840 * vim<600: sw=4 ts=4
841 */
842
