Changeset 20920


Ignore:
Timestamp:
2011/05/11 15:24:46 (10 years ago)
Author:
nanasess
bzr:base-revision:
svn-v4:1e3b908f-19a9-db11-a64c-001125224ba8:branches/version-2_11-dev:20919
bzr:committer:
Kentaro Ohkouchi <ohkouchi@loop-az.jp>
bzr:file-ids:

data/class/SC_MobileImage.php 16329@1e3b908f-19a9-db11-a64c-001125224ba8:branches%2Ffeature-module-update%2Fdata%2Fclass%2FSC_MobileImage.php
data/class/pages/mypage/LC_Page_Mypage_DownLoad.php 18777@1e3b908f-19a9-db11-a64c-001125224ba8:branches%2Fversion-2_5-dev%2Fdata%2Fclass%2Fpages%2Fmypage%2FLC_Page_Mypage_DownLoad.php
bzr:mapping-version:
v4
bzr:merge:

ohkouchi@loop-az.jp-20110511030255-8yixxonu53kxd417
bzr:repository-uuid:
1e3b908f-19a9-db11-a64c-001125224ba8
bzr:revision-id:
ohkouchi@loop-az.jp-20110511062442-ggcdv902auw9rmrm
bzr:revno:
3626
bzr:revprop:branch-nick:
branches/version-2_11-dev
bzr:root:
branches/version-2_11-dev
bzr:testament:

bazaar-ng testament short form 2.1
revision-id: ohkouchi@loop-az.jp-20110511062442-ggcdv902auw9rmrm
sha1: 812efec0cdfc81d7f8184a24d5e533c1fbd9079c
bzr:text-parents:

data/class/SC_MobileImage.php ohkouchi@loop-az.jp-20110322062543-rbk61hf6u1fkv2ja
data/class/pages/mypage/LC_Page_Mypage_DownLoad.php svn-v4:1e3b908f-19a9-db11-a64c-001125224ba8:branches/version-2_11-dev:20891
bzr:timestamp:
2011-05-11 15:24:42.322999954 +0900
bzr:user-agent:
bzr2.3.1+bzr-svn1.1.0dev0
Message:

#1301 (ダウンロード商品のダウンロードで, 無限ループの可能性)

  • fopen() の返り値をチェックするよう修正
  • data/class/SC_MobileImage.php でも同様の懸念があったため修正
Location:
branches/version-2_11-dev/data/class
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/version-2_11-dev/data/class/SC_MobileImage.php

    r20764 r20920  
    5353            // 端末の情報を取得する 
    5454            $fp = fopen(MOBILE_IMAGE_INC_REALDIR . "mobile_image_map_$carrier.csv", 'r'); 
     55            // 取得できない場合は, 入力内容をそのまま返す 
     56            if ($fp === false) { 
     57                return $buffer; 
     58            } 
    5559            while (($data = fgetcsv($fp, 1000, ",")) !== FALSE) { 
    5660                if ($data[1] == $model || $data[1] == '*') { 
  • branches/version-2_11-dev/data/class/pages/mypage/LC_Page_Mypage_DownLoad.php

    r20891 r20920  
    143143        //ファイル読み込み 
    144144        $handle = fopen($realpath, 'rb'); 
     145        if ($handle === false) { 
     146            SC_Utils_Ex::sfDispSiteError(DOWNFILE_NOT_FOUND,"",true); 
     147            exit; 
     148        } 
     149 
    145150        while (!feof($handle)) { 
    146151            echo(fread($handle, DOWNLOAD_BLOCK*1024)); 
Note: See TracChangeset for help on using the changeset viewer.