From: ab
Operating system: irrelevant
PHP version: Irrelevant
Package: Filesystem function related
Bug Type: Bug
Bug description:glob() basedir check is inconsistent
Description:
------------
As documentation states
"Returns an array containing the matched files/directories, an empty array
if no
file matched or FALSE on error."
whereby in case when internal glob() has returned NOMATCH, there's no
reliable
way to do basedir check. As examples below illustrate, when the glob query
is
complex, glob() returned NOMATCH and query is valid within basedir, it
still
will return bool(false) to the userspace in the most cases.
If the result is empty, using php_check_open_basedir_ex() on the pattern
will
work "somehow" only if it's a direct filesystem path or close to it, so
generally such check is senseless. Therefore what documentation states
about
returning an empty array vs. false cannot be guaranteed.
The same misbehavior persists on windows with correspondingly modified
queries.
Test script:
---------------
<?php
ini_set("open_basedir", "/etc");
/* found */
var_dump(glob("/etc"));
/* found given you're on debian :) */
var_dump(glob("/???/issue"));
/* basedir restriction */
var_dump(glob("/usr"));
/* basedir restriction, but that's a random result. PHP
doesnot really check /usr/nonono and /etc/nonono against basedir */
var_dump(glob("/{usr,etc}/nonono", GLOB_BRACE));
/* erroneous basedir restriction */
var_dump(glob("/[e]??/hey"));
/* erroroneous basedir restriction */
var_dump(glob("/???/absent"));
Expected result:
----------------
array(1) {
[0]=>
string(4) "/etc"
}
array(1) {
[0]=>
string(10) "/etc/issue"
}
bool(false)
bool(false)
array(0) {
}
array(0) {
}
Actual result:
--------------
array(1) {
[0]=>
string(4) "/etc"
}
array(1) {
[0]=>
string(10) "/etc/issue"
}
bool(false)
bool(false)
bool(false)
bool(false)
--
Edit bug report at https://bugs.php.net/bug.php?id=65489&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=65489&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=65489&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=65489&r=trysnapshottrunk
Fixed in SVN: https://bugs.php.net/fix.php?id=65489&r=fixed
Fixed in release: https://bugs.php.net/fix.php?id=65489&r=alreadyfixed
Need backtrace: https://bugs.php.net/fix.php?id=65489&r=needtrace
Need Reproduce Script: https://bugs.php.net/fix.php?id=65489&r=needscript
Try newer version: https://bugs.php.net/fix.php?id=65489&r=oldversion
Not developer issue: https://bugs.php.net/fix.php?id=65489&r=support
Expected behavior: https://bugs.php.net/fix.php?id=65489&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=65489&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=65489&r=submittedtwice
register_globals: https://bugs.php.net/fix.php?id=65489&r=globals
PHP 4 support discontinued: https://bugs.php.net/fix.php?id=65489&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=65489&r=dst
IIS Stability: https://bugs.php.net/fix.php?id=65489&r=isapi
Install GNU Sed: https://bugs.php.net/fix.php?id=65489&r=gnused
Floating point limitations: https://bugs.php.net/fix.php?id=65489&r=float
No Zend Extensions: https://bugs.php.net/fix.php?id=65489&r=nozend
MySQL Configuration Error: https://bugs.php.net/fix.php?id=65489&r=mysqlcfg
