archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

fix for bug 15516, patch submitted by torben@php.net

Browse source
This commit is contained in:
Dan Kalowsky 2002-02-15 17:24:44 +00:00
parent b8a5daf59c
commit cd88ac738b
1 changed files with 17 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

20
ext/odbc/php_odbc.c
View file

@ -943,10 +943,21 @@ PHP_FUNCTION(odbc_execute)
else else
ctype = SQL_C_CHAR; ctype = SQL_C_CHAR;
if (Z_STRVAL_PP(tmp)[0] == '\'' && if (Z_STRLEN_PP(tmp) > 2 &&
Z_STRVAL_PP(tmp)[0] == '\'' &&
Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') { Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') {
filename = &Z_STRVAL_PP(tmp)[1]; filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2);
filename[Z_STRLEN_PP(tmp) - 2] = '\0'; filename[strlen(filename)] = '\0';
/* Check for safe mode. */
if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}
/* Check the basedir */
if (php_check_open_basedir(filename TSRMLS_CC)) {
RETURN_FALSE;
}
if ((params[i-1].fp = open(filename,O_RDONLY)) == -1) { if ((params[i-1].fp = open(filename,O_RDONLY)) == -1) {
php_error(E_WARNING,"Can't open file %s", filename); php_error(E_WARNING,"Can't open file %s", filename);
@ -957,9 +968,12 @@ PHP_FUNCTION(odbc_execute)
} }
} }
efree(params); efree(params);
efree(filename);
RETURN_FALSE; RETURN_FALSE;
} }
efree(filename);
params[i-1].vallen = SQL_LEN_DATA_AT_EXEC(0); params[i-1].vallen = SQL_LEN_DATA_AT_EXEC(0);
rc = SQLBindParameter(result->stmt, (UWORD)i, SQL_PARAM_INPUT, rc = SQLBindParameter(result->stmt, (UWORD)i, SQL_PARAM_INPUT,