Handle open_basedir checks

mgdm · mgdm · Dec 5, 2013 · Nov 1, 2013 · Nov 3, 2013 · Nov 4, 2013
commit 9a9bdb5a27292d10f0e2b8f66339ad9d15dd6437
diff --git a/mosquitto.c b/mosquitto.c
@@ -122,22 +122,30 @@ PHP_METHOD(Mosquitto_Client, setTlsCertificates)
  zend_bool is_dir = 0;
 
  PHP_MOSQUITTO_ERROR_HANDLING();
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|sss", 
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s!|s!s!s!",
  &ca_path, &ca_path_len,
  &cert_path, &cert_path_len,
  &key_path, &key_path_len,
  &key_pw, &key_pw_len) == FAILURE) {
  PHP_MOSQUITTO_RESTORE_ERRORS();
  return;
  }
+
+ if ((php_check_open_basedir(ca_path TSRMLS_CC) < 0) ||
+ (php_check_open_basedir(cert_path TSRMLS_CC) < 0) ||
+ (php_check_open_basedir(key_path TSRMLS_CC) < 0))
+ {
+ PHP_MOSQUITTO_RESTORE_ERRORS();
+ return;
+ }
+
  PHP_MOSQUITTO_RESTORE_ERRORS();
 
  object = (mosquitto_client_object *) zend_object_store_get_object(getThis() TSRMLS_CC);
 
  php_stat(ca_path, ca_path_len, FS_IS_DIR, stat TSRMLS_CC);
  is_dir = Z_BVAL_P(stat);
  zval_dtor(stat);
- FREE_ZVAL(stat);
 
  if (is_dir) {
  retval = mosquitto_tls_set(object->client, NULL, ca_path, cert_path, key_path, NULL);