/* looks like strstr finds an occurrence of something in the string */
/* php 4-3-x */
/* {{{ php_Exec
* If type==0, only last line of output is returned (exec)
* If type==1, all lines will be printed and last lined returned (system)
* If type==2, all lines will be saved to given array (exec with &$array)
* If type==3, output will be printed binary, no lines will be saved or returned (passthru)
*
*/
int php_Exec(int type, char *cmd, pval *array, pval *return_value TSRMLS_DC)
{
FILE *fp;
char *buf, *tmp=NULL;
int buflen = 0;
int t, l, output=1;
int overflow_limit, lcmd, ldir;
char *b, *c, *d=NULL;
php_stream *stream = NULL;
int pclose_return = 0;
#if PHP_SIGCHILD
void (*sig_handler)();
#endif
buf = (char *) emalloc(EXEC_INPUT_BUF);
if (!buf) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to emalloc %d bytes for exec buffer", EXEC_INPUT_BUF);
return -1;
}
buflen = EXEC_INPUT_BUF;
if (PG(safe_mode)) {
lcmd = strlen(cmd);
ldir = strlen(PG(safe_mode_exec_dir));
l = lcmd + ldir + 2;
overflow_limit = l;
c = strchr(cmd, ' ');
if (c) *c = '\0';
if (strstr(cmd, "..")) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path");
efree(buf);
return -1;
}
d = emalloc(l);
strcpy(d, PG(safe_mode_exec_dir));
overflow_limit -= ldir;
b = strrchr(cmd, PHP_DIR_SEPARATOR);
if (b) {
strcat(d, b);
overflow_limit -= strlen(b);
} else {
strcat(d, "/");
strcat(d, cmd);
overflow_limit-=(strlen(cmd)+1);
}
if (c) {
*c = ' ';
strncat(d, c, overflow_limit);
}
tmp = php_escape_shell_cmd(d);
efree(d);
d = tmp;
#if PHP_SIGCHILD
sig_handler = signal (SIGCHLD, SIG_DFL);
#endif
#ifdef PHP_WIN32
fp = VCWD_POPEN(d, "rb");
#else
fp = VCWD_POPEN(d, "r");
#endif
if (!fp) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to fork [%s]", d);
efree(d);
efree(buf);
#if PHP_SIGCHILD
signal (SIGCHLD, sig_handler);
#endif
return -1;
}
} else { /* not safe_mode */
} // end cut
} // end cut
return to top
