Ticket #42619: 42619.2.diff

src/wp-admin/includes/class-wp-automatic-updater.php

@@ -56 +56 @@
         }
 
         /**
+         * Checks whether access to a given directory is allowed.
+         *
+         * This is used when detecting version control checkouts. Takes into account
+         * the PHP open_basedir restrictions, so that WordPress does not try to access
+         * directories it is not allowed to.
+         *
+         * @since 6.1.0
+         *
+         * @param string $dir The directory to check.
+         * @return bool True if access to the directory is allowed, false otherwise.
+         */
+        public function is_allowed_dir( $dir ) {
+                $open_basedir = ini_get( 'open_basedir' );
+
+                if ( ! $open_basedir ) {
+                        return true;
+                }
+
+                $open_basedir_list = explode( PATH_SEPARATOR, $open_basedir );
+
+                foreach ( $open_basedir_list as $basedir ) {
+                        if ( str_starts_with( $dir, $basedir ) ) {
+                                return true;
+                        }
+                }
+
+                return false;
+        }
+
+        /**
          * Checks for version control checkouts.
          *
          * Checks for Subversion, Git, Mercurial, and Bazaar. It recursively looks up the
@@ -101 +131 @@
                 // Search all directories we've found for evidence of version control.
                 foreach ( $vcs_dirs as $vcs_dir ) {
                         foreach ( $check_dirs as $check_dir ) {
-                                $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );
+                                $checkout = $this->is_allowed_dir( $check_dir ) && @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );
                                 if ( $checkout ) {
                                         break 2;
                                 }