Replace use of tmpfile() with a safe get_temp_dir(). tmpfile() may use a temporary directory which is not writable. Add static caching to get_temp_dir() & better protect against bad server configs. Fixes #12866

git-svn-id: http://svn.automattic.com/wordpress/trunk@14016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
dd32 2010-04-06 11:20:51 +00:00
parent 07a523894a
commit d5ee7bca10
2 changed files with 21 additions and 8 deletions


@ -92,7 +92,9 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
if ( empty($type) ) if ( empty($type) )
$type = FTP_BINARY; $type = FTP_BINARY;
$temp = tmpfile(); $tempfile = wp_tempnam($file);
$temp = fopen($tempfile, 'w+');
if ( ! $temp ) if ( ! $temp )
return false; return false;
@ -106,6 +108,7 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
$contents .= fread($temp, 8192); $contents .= fread($temp, 8192);
fclose($temp); fclose($temp);
unlink($tempfile);
return $contents; return $contents;
} }
function get_contents_array($file) { function get_contents_array($file) {
@ -113,7 +116,8 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
} }
function put_contents($file, $contents, $mode = false ) { function put_contents($file, $contents, $mode = false ) {
$temp = tmpfile(); $tempfile = wp_tempnam($file);
$temp = fopen($tempfile, 'w+');
if ( ! $temp ) if ( ! $temp )
return false; return false;
@ -124,6 +128,7 @@ class WP_Filesystem_FTPext extends WP_Filesystem_Base {
$ret = @ftp_fput($this->link, $file, $temp, $type); $ret = @ftp_fput($this->link, $file, $temp, $type);
fclose($temp); fclose($temp);
unlink($tempfile);
$this->chmod($file, $mode); $this->chmod($file, $mode);
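Review bot: The `if ( ! $temp ) return false;` that follows each new `fopen($tempfile, 'w+')` in get_contents() and put_contents() exits without removing the file wp_tempnam() was asked for, and only the success path reaches the added `unlink($tempfile);`. tmpfile() cleaned up after itself, whereas this is a named file, and get_temp_dir() as changed in this commit tries WP_CONTENT_DIR first, so leftover copies of transferred contents could sit in a directory the web server may serve. I would write the guard as `if ( ! $temp ) { @unlink($tempfile); return false; }` and do the same before any other failure return between the fopen and the unlink. Those lines, like wp_tempnam() itself, are outside the hunks shown, so this assumes wp_tempnam() creates the file it names.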


@ -149,21 +149,29 @@ function list_files( $folder = '', $levels = 100 ) {
* @return string Writable temporary directory * @return string Writable temporary directory
*/ */
function get_temp_dir() { function get_temp_dir() {
static $temp;
if ( defined('WP_TEMP_DIR') ) if ( defined('WP_TEMP_DIR') )
return trailingslashit(WP_TEMP_DIR); return trailingslashit(WP_TEMP_DIR);
if ( $temp )
return trailingslashit($temp);
$temp = WP_CONTENT_DIR . '/'; $temp = WP_CONTENT_DIR . '/';
if ( is_dir($temp) && is_writable($temp) ) if ( is_dir($temp) && is_writable($temp) )
return $temp; return $temp;
if ( function_exists('sys_get_temp_dir') ) if ( function_exists('sys_get_temp_dir') ) {
return trailingslashit(sys_get_temp_dir()); $temp = sys_get_temp_dir();
if ( is_writable($temp) )
return trailingslashit($temp);
}
$temp = ini_get('upload_tmp_dir'); $temp = ini_get('upload_tmp_dir');
if ( is_dir($temp) ) // always writable if ( is_dir($temp) && is_writable($temp) )
return trailingslashit($temp); return trailingslashit($temp);
return '/tmp/'; $temp = '/tmp/';
return $temp;
} }
/** /**
@ -603,7 +611,7 @@ function _unzip_file_ziparchive($file, $to, $needed_dirs = array() ) {
return new WP_Error('extract_failed', __('Could not extract file from archive.'), $info['name']); return new WP_Error('extract_failed', __('Could not extract file from archive.'), $info['name']);
if ( ! $wp_filesystem->put_contents( $to . $info['name'], $contents, FS_CHMOD_FILE) ) if ( ! $wp_filesystem->put_contents( $to . $info['name'], $contents, FS_CHMOD_FILE) )
return new WP_Error('copy_failed', __('Could not copy file.'), $to . $file['filename']); return new WP_Error('copy_failed', __('Could not copy file.'), $to . $info['filename']);
} }
$z->close(); $z->close();
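Review bot: The corrected error data on the `copy_failed` line reads `$info['filename']`, but the two lines above it in the same hunk read the entry name from `$info['name']`, so the new key looks wrong as well. $info is assigned outside the hunk; if it comes from ZipArchive::statIndex(), that array has a `name` key and no `filename` key, and the error would carry only `$to`. I would use `return new WP_Error('copy_failed', __('Could not copy file.'), $to . $info['name']);` so the reported path matches the one passed to put_contents().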