Edit report at http://bugs.php.net/bug.php?id=39863&edit=1
ID: 39863 Comment by: tyra3l at gmail dot com Reported by: djcapelis at gmail dot com Summary: file_exists() silently truncates after a null byte Status: Assigned Type: Feature/Change Request Package: *General Issues Operating System: Linux, MacOSX PHP Version: 4.4.4, 5.1.5 Assigned To: pajoye Block user comment: N Private report: N CVE-ID: 2006-7243 New Comment: the testcase a little bit confusing: it should fail until the bug is fixed, and because it was a known bug, it was marked as a failing test (XFAIL) now that the bug got fixed, but the test wasn't modified to reflect this, we got a situation, when an test passed when it is expected to fail. which means that the bug is fixed. I will modify the TEST and remove the XFAIL mark, and if the pass fails in the future, that means that we got a regression. Tyrael Previous Comments: ------------------------------------------------------------------------ [2011-04-14 15:00:34] paul dot kraus at ag dot ny dot gov Just compiled 5.3.6 on Solaris 10 / SPARC and `make test` reports "Bug #39863 (file_exists() silently truncates after a null byte) [ext/standard/test/file/bug39863.phpt] (warn: XFAIL section but test passes)" so it appears that this bug is NOT fixed as of 5.3.6 on Solaris 10 (unless I am misreading the test report). ------------------------------------------------------------------------ [2011-01-19 13:13:52] patrick at cookie dot monster dot org Will this be fixed too in php 5.2.17? ------------------------------------------------------------------------ [2010-11-18 17:21:15] paj...@php.net Fixed in PHP_5_3, will be part of 5.3.4. trunk still needs the fix, it will be done soonish. ------------------------------------------------------------------------ [2010-11-18 16:22:24] paj...@php.net Automatic comment from SVN on behalf of pajoye Revision: http://svn.php.net/viewvc/?view=revision&revision=305507 Log: - fix #39863, do not accept paths with NULL in them. See http://news.php.net/php.internals/50191, trunk will have the patch later (adding a macro and/or changing (some) APIs. Patch by Rasmus ------------------------------------------------------------------------ [2010-06-05 21:45:27] s...@php.net I've merged the test as ext/standard/tests/file/bug39863.phpt ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=39863 -- Edit this bug report at http://bugs.php.net/bug.php?id=39863&edit=1
