Right, but the root of the problem is where to do the invalidation check of bogus file path strings. Like checking for bogus null bytes in them. Right now:
file_exists($file . '.txt'); and file_exists($file); will check the same file if $file has a \0 stuck onto the end. This can lead to security problems. So, either we need to put some sort of check ahead of any and all calls that pass paths to the filesystem functions, or we need to change those filesystem functions to do the check natively. For the second option to work, we obviously need to pass in more than a naked char *. My worry with the first option is that we then push this out to every extension and it gets pretty messy. However, doing it this way would let us do it without breaking binary compatibility in 5.3. -Rasmus On 11/14/10 9:35 PM, Andi Gutmans wrote: > Hi Rasmus, > > Hope I understood the problem correctly. If not, this answer won't make sense > :) > I do not see a major problem in passing path_len but wonder how much it'd > actually solve as we end up calling OS APIs that do not accept path_len, no? > I assume we don't want to start searching all these strings for invalid chars > before we pass them to the OS. > > Andi > >> -----Original Message----- >> From: Rasmus Lerdorf [mailto:ras...@lerdorf.com] >> Sent: Sunday, November 14, 2010 11:54 AM >> To: internals >> Subject: [PHP-DEV] Adding path_len to all stream functions in trunk >> >> I think we need to pass along the string length to all the stream functions >> to >> maintain binary string safety through this code. This would fix annoying >> problems like http://bugs.php.net/39863 and a bunch of similar issues. >> Obviously not something we can do in 5.3 without breaking binary >> compatibility >> though. Although we might be able to do something if we assume only chars >> valid in the current charset is valid in file paths. >> >> Anybody have any other thoughts on this one? >> >> -Rasmus >> >> -- >> PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: >> http://www.php.net/unsub.php > -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
