From: exe at travian dot org
Operating system: GNU/Linux Kernel 2.6.18
PHP version: 5.2.5
PHP Bug Type: Filesystem function related
Bug description: Misdirected output after closing stdout/stderr and working
with files.
Description:
------------
If STDOUT/STDERR are closed by a script then the first two file handles
opened by that script afterwards will take the place of the former
STDOUT/STDERR handles. This will cause any output which normaly goes to
STDOUT (like in print/echo statements) to be written to the new file
handles. This behaviour may corrupt files written by that script.
This is a similar problem as in bug #44217.
Reproduce code:
---------------
<?php
fclose(STDOUT); fclose(STDERR);
$fp1 = fopen('test.log', 'a'); // File handle 1, formerly STDOUT
$fp2 = fopen('test.log', 'a'); // File handle 2, formerly STDERR
print "foo"; // Will be written to test.log
?>
Expected result:
----------------
No output from php, no appended output in test.log
Actual result:
--------------
String "foo" will be appended to test.log
strace shows that php first closes file handle 1 (stdout) and 2 (stderr)
and then openes two file handles, which get the numbers 1 and 2, and then
print "foo" to file handle 1 which now points to test.log:
read(3, "<?php\nfclose(STDOUT); fclose(STD"..., 8192) = 217
read(3, "", 4096) = 0
read(3, "", 8192) = 0
close(3) = 0
munmap(0x2b97a043e000, 4096) = 0
close(1) = 0
munmap(0x2b97a0440000, 4096) = 0
close(2) = 0
getcwd("/root", 4096) = 6
lstat("/root", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat("/root/test.log", {st_mode=S_IFREG|0644, st_size=290, ...}) = 0
open("/root/test.log", O_WRONLY|O_APPEND|O_CREAT, 0666) = 1
fstat(1, {st_mode=S_IFREG|0644, st_size=290, ...}) = 0
lseek(1, 0, SEEK_CUR) = 0
lseek(1, 0, SEEK_CUR) = 0
getcwd("/root", 4096) = 6
open("/root/test.log", O_WRONLY|O_APPEND|O_CREAT, 0666) = 2
fstat(2, {st_mode=S_IFREG|0644, st_size=290, ...}) = 0
lseek(2, 0, SEEK_CUR) = 0
lseek(2, 0, SEEK_CUR) = 0
write(1, "foo", 3) = 3
close(2) = 0
close(1) = 0
close(0) = 0
munmap(0x2b97a043f000, 4096) = 0
munmap(0x2b97a03fd000, 266240) = 0
mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x2b97a03fd000
setitimer(ITIMER_PROF, {it_interval={0, 0}, it_value={0, 0}}, NULL) = 0
munmap(0x2b97a03fd000, 266240) = 0
brk(0xd36000) = 0xd36000
exit_group(0) = ?
Process 19229 detached
--
Edit bug report at http://bugs.php.net/?id=44218&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=44218&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=44218&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=44218&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=44218&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=44218&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=44218&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=44218&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=44218&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=44218&r=support
Expected behavior: http://bugs.php.net/fix.php?id=44218&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=44218&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=44218&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=44218&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=44218&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=44218&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=44218&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=44218&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=44218&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=44218&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=44218&r=mysqlcfg
