ID: 41899
Updated by: [EMAIL PROTECTED]
Reported By: geoffwa at cs dot rmit dot edu dot au
Status: Feedback
Bug Type: Streams related
Operating System: Solaris 10
PHP Version: 5.2.3
Assigned To: ab5602
New Comment:
Geoffwa, when you get a chance, please let me know if applying the
patch below to the current snapshot fixes the issue for you.
[EMAIL PROTECTED]:~/mkdirtest]$ ./php-solfix -dsafe_mode=1
./test2.php
Current working directory is: /export/home/rob/mkdirtest
Opened /export/home/rob/mkdirtest/a/b/file
Opened ./a/b/file from ./a using ./b/file
Opened ./a/b/file from ./a using ./b/c/../file
Opened ./a/b/file from ./a/b/c using ../file
Opened ../file from ./a/b/c using ./../file
Opened ./a/b/file from ./a/b using ./file
Opened ./a/file from ./a/b using ./c/../../file
Opened ./a/b/c/file from ./a/b/c using ../c/file
[EMAIL PROTECTED]:~/mkdirtest]$ ./php-solfix -dsafe_mode=1 ./test.php
SUCCESS
--- ./safe_mode.c.old 2007-09-23 10:19:21.000000000 -0500
+++ ./safe_mode.c 2007-10-09 19:39:44.000000000 -0500
@@ -86,7 +86,15 @@
* If that fails, passthrough and check directory...
*/
if (mode != CHECKUID_ALLOW_ONLY_DIR) {
- expand_filepath(filename, path TSRMLS_CC);
+
+ char filename_test[MAXPATHLEN];
+ strcpy(filename_test,filename);
+ if (VCWD_GETCWD(filename_test, sizeof(filename)) ==
NULL) {
+ strcpy(path,filename);
+ } else {
+ expand_filepath(filename, path TSRMLS_CC);
+ }
+
ret = VCWD_STAT(path, &sb);
if (ret < 0) {
if (mode == CHECKUID_DISALLOW_FILE_NOT_EXISTS)
{
Previous Comments:
------------------------------------------------------------------------
[2007-10-09 20:34:59] [EMAIL PROTECTED]
Thanks, that was it. I am able to reproduce the situation now.
Have tracked the issue down to safe_mode.c, php_checkuid_ex(), as is
shown above in the thread and am working with it.
------------------------------------------------------------------------
[2007-10-09 16:07:47] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5.2-latest.tar.gz
For Windows (zip):
http://snaps.php.net/win32/php5.2-win32-latest.zip
For Windows (installer):
http://snaps.php.net/win32/php5.2-win32-installer-latest.msi
------------------------------------------------------------------------
[2007-10-09 06:58:42] geoffwa at cs dot rmit dot edu dot au
Err are you running with safe mode on?
$ ./php5.2-200710080430-debug -dsafe_mode=0 test2.php
SUCCESS
------------------------------------------------------------------------
[2007-10-09 06:56:17] geoffwa at cs dot rmit dot edu dot au
I can send you a tar, but I doubt that'll help matters. Here's the
directory:
-------
drwxrwxrwx 2 geoffwa staff 512 Oct 9 16:44 .
drwx------ 8 geoffwa staff 512 Oct 8 15:14 ..
-rwx------ 1 geoffwa staff 3.7M Oct 9 16:23 php5.2-200710080430
-rwx------ 1 geoffwa staff 11M Oct 9 16:44 php5.2-200710080430-debug
-rw------- 1 geoffwa staff 2.7K Oct 8 15:17 test.php
-rw------- 1 geoffwa staff 301 Oct 8 15:21 test2.php
-------
(set . to 0777 for demonstration purposes)
(run the smaller of the two example scripts)
$ ./php5.2-200710080430-debug test2.php
Warning: mkdir(): Unable to access ./a in /homedir/test2.php on line 3
mkdir failed
------------------------------------------------------------------------
[2007-10-08 17:39:26] [EMAIL PROTECTED]
Also, tested the longer script posted in this thread. That appears to
work for me as well.
[EMAIL PROTECTED]:/test/abc]$ uname -a
SunOS opteron 5.10 Generic_118855-14 i86pc i386 i86pc
[EMAIL PROTECTED]:/test/abc]$ ./php-cvs -v
PHP 5.2.5-dev (cli) (built: Oct 7 2007 11:26:15) (DEBUG)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
[EMAIL PROTECTED]:/test/abc]$ ./php-cvs ./test.php
Current working directory is: /test/abc
Opened /test/abc/a/b/file
Opened ./a/b/file from ./a using ./b/file
Opened ./a/b/file from ./a using ./b/c/../file
Opened ./a/b/file from ./a/b/c using ../file
Opened ../file from ./a/b/c using ./../file
Opened ./a/b/file from ./a/b using ./file
Opened ./a/file from ./a/b using ./c/../../file
Opened ./a/b/c/file from ./a/b/c using ../c/file
[EMAIL PROTECTED]:/test/abc]$
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/41899
--
Edit this bug report at http://bugs.php.net/?id=41899&edit=1
