Edit report at http://bugs.php.net/bug.php?id=53577&edit=1
ID: 53577
User updated by: lekensteyn at gmail dot com
Reported by: lekensteyn at gmail dot com
Summary: Regression (5.3.3-5.3.4) in open_basedir with a
trailing forward slash
Status: Duplicate
Type: Bug
Package: Safe Mode/open_basedir
Operating System: Windows 7
PHP Version: 5.3.4
Block user comment: N
Private report: N
New Comment:
This is related to bug #53352 , but not an exact duplicate.
I've just added a patch on fopen_wrappers.c from the PHP 5.3 branch,
r305698 (
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/fopen_wrappers.c?view=markup&pathrev=305698
)
The patch fixed it for me.
Previous Comments:
------------------------------------------------------------------------
[2010-12-20 07:34:40] [email protected]
Duplicate of bug #53352.
------------------------------------------------------------------------
[2010-12-19 23:58:32] lekensteyn at gmail dot com
I'm just guessing, replacing the following:
-- snip --
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
if (resolved_basedir[resolved_basedir_len - 1] !=
PHP_DIR_SEPARATOR)
{
resolved_basedir[resolved_basedir_len] =
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
} else {
resolved_basedir[resolved_basedir_len++] =
PHP_DIR_SEPARATOR;
resolved_basedir[resolved_basedir_len] = '\0';
}
-- snip --
with
-- snip --
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
if (resolved_basedir[resolved_basedir_len - 1] !=
PHP_DIR_SEPARATOR)
{
resolved_basedir[resolved_basedir_len] =
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
#if defined(PHP_WIN32) || defined(NETWARE)
} else if (basedir[strlen(basedir) - 1] != '/') {
#else
} else {
#endif
resolved_basedir[resolved_basedir_len++] =
PHP_DIR_SEPARATOR;
resolved_basedir[resolved_basedir_len] = '\0';
}
-- snip --
should work.
Under Windows, PHP_DIR_SEPARATOR is a backslash. So we check here if it
is a forward slash.
------------------------------------------------------------------------
[2010-12-19 23:44:46] lekensteyn at gmail dot com
Description:
------------
Downloaded PHP 5.3.3 from:
http://windows.php.net/downloads/releases/archives/php-5.3.3-nts-Win32-VC9-x86.zip
Downloaded PHP 5.3.4 from:
http://windows.php.net/downloads/releases/php-5.3.4-nts-Win32-VC9-x86.zip
The following settings has the expected results in both PHP 5.3.3 and
PHP 5.3.4
open_basedir="C:\twlan\"
open_basedir="C:\twlan"
open_basedir="C:/twlan"
open_basedir="C:/twlan\"
The following setting breaks open_basedir in PHP 5.3.4, but works fine
in 5.3.3.
open_basedir="C:/twlan/"
So, the trailing forward slash on open_basedir makes every path
invalid.
Changes between 5.3.3 and 5.3.4:
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/fopen_wrappers.c?r1=301440&r2=306091
I think the bug was introduced in
http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=305098&r2=305698
--- begin code ---
@@ -228,6 +234,9 @@
resolved_basedir[resolved_basedir_len] =
PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
+ } else {
+ resolved_basedir[resolved_basedir_len++] =
PHP_DIR_SEPARATOR;
+ resolved_basedir[resolved_basedir_len] = '\0';
}
resolved_name_len = strlen(resolved_name);
--- end code ---
PHP_DIR_SEPARATOR is "\\" on Windows.
Test script:
---------------
<?php
// open_basedir="C:/twlan/"
header("Content-Type: text/plain");
error_reporting(E_ALL | E_STRICT);
ini_set('html_errors', 0);
var_dump(realpath('.'));
var_dump(realpath('..'));
var_dump(realpath('../..'));
var_dump(realpath('../../..'));
?>
Expected result:
----------------
string(22) "C:\twlan\htdocs\combot"
string(15) "C:\twlan\htdocs"
string(8) "C:\twlan"
Warning: realpath(): open_basedir restriction in effect. File(C:\) is
not within the allowed path(s): (C:/twlan/) in
C:\twlan\htdocs\combot\php-bug.php on line 7
bool(false)
Actual result:
--------------
Warning: realpath(): open_basedir restriction in effect.
File(C:\twlan\htdocs) is not within the allowed path(s): (C:/twlan/) in
C:\twlan\htdocs\combot\php-bug.php on line 5
bool(false)
Warning: realpath(): open_basedir restriction in effect.
File(C:\twlan\htdocs) is not within the allowed path(s): (C:/twlan/) in
C:\twlan\htdocs\combot\php-bug.php on line 5
bool(false)
Warning: realpath(): open_basedir restriction in effect. File(C:\twlan)
is not within the allowed path(s): (C:/twlan/) in
C:\twlan\htdocs\combot\php-bug.php on line 6
bool(false)
Warning: realpath(): open_basedir restriction in effect. File(C:\) is
not within the allowed path(s): (C:/twlan/) in
C:\twlan\htdocs\combot\php-bug.php on line 7
bool(false)
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=53577&edit=1
