Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)

Author: laruence

NEWS

@@ -6,6 +6,10 @@ PHP                                                                        NEWS
   . Fixed bug #61546 (functions related to current script failed when chdir() 
     in cli sapi). (Laruence, [email protected])
 
+- CURL
+  . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
+    (Laruence)
+
 - Core:
   . Fixed missing bound check in iptcparse(). (chris at chiappa.net)
   . Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)

ext/curl/interface.c

@@ -2167,7 +2167,7 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu
 
 			convert_to_string_ex(zvalue);
 
-			if (php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(zvalue), "rb+", CHECKUID_CHECK_MODE_PARAM))) {
+			if (!Z_STRLEN_PP(zvalue) || php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(zvalue), "rb+", CHECKUID_CHECK_MODE_PARAM))) {
 				RETVAL_FALSE;
 				return 1;
 			}

ext/curl/tests/bug61948.phpt

@@ -0,0 +1,20 @@
+--TEST--
+Bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
+--SKIPIF--
+<?php if (!extension_loaded("curl")) print "skip"; ?>
+--INI--
+open_basedir="/tmp"
+--FILE--
+<?php
+  $ch = curl_init();
+  var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, ""));
+  var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/foo"));
+  var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/xxx/bar"));
+  curl_close($ch);
+?>
+--EXPECTF--
+bool(false)
+bool(true)
+
+Warning: curl_setopt(): open_basedir restriction in effect. File(/xxx/bar) is not within the allowed path(s): (/tmp) in %sbug61948.php on line %d
+bool(false)