Edit report at http://bugs.php.net/bug.php?id=51860&edit=1
ID: 51860
Updated by: the...@php.net
Reported by: stephan dot suerken at 1und1 dot de
Summary: Include fails with toplevel symlink to /
Status: Open
Type: Bug
Package: Reproducible crash
PHP Version: 5.3.2
New Comment:
Wait:
# /opt/php/php-5.3.2/sapi/cli/php -r
'var_dump(realpath("/phplink/phpinclude/inc123.php"));'
string(22) "/phpinclude/inc123.php"
...and:
# echo '<?php var_dump(realpath("/phplink/phpinclude/inc123.php"));' >
test.php
# /opt/php/php-5.3.2/sapi/cli/php test.php
string(22) "/phpinclude/inc123.php"
But:
# echo '<?php var_dump(realpath("/phplink/phpinclude/inc123.php"));' >
/phplink/phptest/test.php
# /opt/php/php-5.3.2/sapi/cli/php /phplink/phptest/test.php
bool(false)
So if the executed script itself is inside the symlink'd directory,
VCWD_REALPATH() does not correctly work (used by both include / require
and realpath(), that's why I'm using the latter here)
This does not occur with PHP 5.2.X (or PHP4, btw)
Previous Comments:
------------------------------------------------------------------------
[2010-05-21 13:12:21] the...@php.net
Cannot reproduce on Gentoo with 5.3.2-RELEASE.
------------------------------------------------------------------------
[2010-05-21 13:05:09] stephan dot suerken at 1und1 dot de
>[2010-05-20 10:14 UTC] m...@php.net
>You think anybody's goind to untar something in his root AS root?
Well...yes ;). Look at the tarball first, it's harmless.
>Please provide some proper steps to reproduce, thank you.
I could not find another way to reproduce it (yet) but in /; the tarball
seems to be the easiest way to make someone else reproduce it.
Thx,
Stephan
------------------------------------------------------------------------
[2010-05-21 12:06:35] the...@php.net
1) Create a symlink in / to /
r...@thekid:/ > ln -s / phptest
r...@thekid:/ > ls -al /phptest
lrwxr-xr-x 1 root wheel 1 May 21 10:40 /phptest -> /
2) Verify
r...@thekid:/ > echo "OK" > /phpfile
r...@thekid:/ > php -r 'include("/phptest/phpfile");'
Expected result: "OK"
3) Clean up
r...@thekid:/ > rm /phptest /phpfile
You need to be root because you're working in /, that's it:)
------------------------------------------------------------------------
[2010-05-20 14:14:47] m...@php.net
You think anybody's goind to untar something in his root AS root?
Please provide some proper steps to reproduce, thank you.
------------------------------------------------------------------------
[2010-05-19 16:46:20] stephan dot suerken at 1und1 dot de
Description:
------------
Tarball: http://stephan-suerken.de/tmp/php53include.tar.gz
Hi,
with a certain directory setup (symlink pointing to /, see file tree in
php53include.tar.gz) plus script call syntax (see scripts "ok" and
"fail" scripts in tarball), including a file meekly fails.
I have not completely debugged it, but afaics "php_resolve_path" fails
were it should not; I suspect some of the "canonize path" functions
wrongly give an error here.
Thanks,
Stephan
Test script:
---------------
Steps to reproduce:
1. Download: http://stephan-suerken.de/tmp/php53include.tar.gz
[as root]
2. cd /
3. tar xfz php53include.tar.gz
4. /phptest/fail
Expected result:
----------------
# manwe(CHROOT:sid-ui): /phptest
# root? ./ok
/phpinclude/inc123.php: OK, INCLUDED
Actual result:
--------------
# manwe(CHROOT:sid-ui): /phptest
# root? ./fail
PHP Warning: require(/phplink/phpinclude/inc123.php): failed to open
stream: No such file or directory in /phptest/test.php on line 2
PHP Fatal error: require(): Failed opening required
'/phplink/phpinclude/inc123.php'
(include_path='.:/usr/share/php:/usr/share/pear') in /phptest/test.php
on line 2
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=51860&edit=1
