
PHP tempnam() function safe_mode security restriction bypass vulnerability

BUGTRAQ ID: 36555
CVE ID: CVE-2009-3557
PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded into HTML.
An error in PHP's tempnam() may allow the safe_mode restrictions to be bypassed. The vulnerable code segment from ext/standard/file.c is shown below:
    PHP_FUNCTION(tempnam)
    {
        char *dir, *prefix;
        int dir_len, prefix_len;
        size_t p_len;
        char *opened_path;
        char *p;
        int fd;

        if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &dir, &dir_len,
                                  &prefix, &prefix_len) == FAILURE) {
            return;
        }

        /* [1] The only access check on the target directory: open_basedir.
         * No safe_mode ownership check (php_checkuid) is performed here. */
        if (php_check_open_basedir(dir TSRMLS_CC)) {
            RETURN_FALSE;
        }

        /* Reduce the prefix to its basename and cap it at 63 characters. */
        php_basename(prefix, prefix_len, NULL, 0, &p, &p_len TSRMLS_CC);
        if (p_len > 64) {
            p[63] = '\0';
        }

        /* The temporary file is created in dir and its path returned. */
        if ((fd = php_open_temporary_fd(dir, p, &opened_path TSRMLS_CC)) >= 0) {
            close(fd);
            RETVAL_STRING(opened_path, 0);
        }
        efree(p);
    }
At [1] the tempnam() function checks only the open_basedir value; because open_basedir is unset by default, a script running under safe_mode can still create a temporary file in a directory it does not own.
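To make the gap at [1] concrete, the following added example (constructed for this page, not PHP's own code) models the two access rules involved: the open_basedir prefix check, which passes everything when the directive is empty, and the safe_mode owner-uid comparison that PHP's other file functions apply through php_checkuid(). The hardened variant is an assumption about the shape of a fix, not the vendor's patch; path normalisation (realpath, symlinks) is deliberately omitted.

```c
#include <string.h>
#include <sys/types.h>

/* Constructed model of php_check_open_basedir(): dir must lie under one of
 * the ':'-separated prefixes. An empty directive means no restriction,
 * which is PHP's default. Returns 1 when access is allowed. */
static int open_basedir_allows(const char *dir, const char *open_basedir)
{
    if (open_basedir == NULL || *open_basedir == '\0')
        return 1;                                  /* unset: anything goes */
    const char *p = open_basedir;
    while (*p) {
        const char *end = strchr(p, ':');
        size_t seglen = end ? (size_t)(end - p) : strlen(p);
        size_t len = seglen;
        while (len > 1 && p[len - 1] == '/')       /* ignore trailing '/' */
            len--;
        /* prefix must end on a path component boundary: /var/www2 != /var/www */
        if (strncmp(dir, p, len) == 0 && (dir[len] == '/' || dir[len] == '\0'))
            return 1;
        p = end ? end + 1 : p + seglen;
    }
    return 0;
}

/* safe_mode rule (as php_checkuid applies it): the target must be owned by
 * the uid the script runs as. */
static int safe_mode_allows(int safe_mode, uid_t dir_owner, uid_t script_uid)
{
    return !safe_mode || dir_owner == script_uid;
}

/* The check exactly as the advisory shows it at [1]: open_basedir only. */
int tempnam_vulnerable(const char *dir, const char *open_basedir,
                       int safe_mode, uid_t dir_owner, uid_t script_uid)
{
    (void)safe_mode; (void)dir_owner; (void)script_uid;   /* never consulted */
    return open_basedir_allows(dir, open_basedir);
}

/* Assumed hardened variant: both rules must pass before the file is created. */
int tempnam_hardened(const char *dir, const char *open_basedir,
                     int safe_mode, uid_t dir_owner, uid_t script_uid)
{
    return open_basedir_allows(dir, open_basedir)
        && safe_mode_allows(safe_mode, dir_owner, script_uid);
}
```

With safe_mode on and open_basedir empty, the vulnerable check admits a directory owned by another uid while the hardened one refuses it.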
<*References
http://securityreason.com/securityalert/6601
http://secunia.com/advisories/37412/
*>
SEBUG security recommendation:
Vendor patch:
PHP
---
The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage:
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log