#21097 [NEW]: tsrm_virtual_cwd.c/virtual_file_ex handles ".." incorrectly for UNC paths

Thu, 19 Dec 2002 07:18:03 -0800 

From:             [EMAIL PROTECTED]
Operating system: Win32
PHP version:      4.2.3
PHP Bug Type:     *Directory/Filesystem functions
Bug description:  tsrm_virtual_cwd.c/virtual_file_ex handles ".." incorrectly for UNC 
paths

On Win32, the virtual_file_ex() function in TSRM/tsrm_virtual_cwd.c doesn't
handle ".." correctly when state->cwd is a UNC path.  

Basically, when state->cwd = "//hostname/foo/bar" and path_copy =
"../file.txt", the function sets the new state->cwd to
"//hostname/foo/bar/file.txt" rather than "//hostname/foo/file.txt".

This breaks any PHP functions that call virtual_file_ex(), including:

require "../config.inc.php";
require_once "../config.inc.php";
include "../config.inc.php";
include_once "../config.inc.php";
$f = fopen("../config.inc.php", "r");

The reason for this is that the IS_ABSOLUTE_PATH() macro returns false
when given a UNC path.  The following patch does not change this
behaviour, but it adds additional IS_UNC_PATH() checks where appropriate:



diff -bruN php-4.2.3/TSRM/tsrm_virtual_cwd.c
php-4.2.3-fixed/TSRM/tsrm_virtual_cwd.c
--- php-4.2.3/TSRM/tsrm_virtual_cwd.c   Thu Apr 25 08:52:46 2002
+++ php-4.2.3-fixed/TSRM/tsrm_virtual_cwd.c     Thu Dec 19 08:33:28 2002
@@ -346,14 +346,25 @@
 
 #define PREVIOUS state->cwd[state->cwd_length - 1]
 
+#ifdef TSRM_WIN32
+                       while ((IS_ABSOLUTE_PATH(state->cwd, state->cwd_length) ||
+                                       IS_UNC_PATH(state->cwd, state->cwd_length)) &&
+                                       !IS_SLASH(PREVIOUS)) {
+#else
                        while (IS_ABSOLUTE_PATH(state->cwd, state->cwd_length) &&
                                        !IS_SLASH(PREVIOUS)) {
+#endif
                                save = PREVIOUS;
                                PREVIOUS = '\0';
                                state->cwd_length--;
                        }
 
+#ifdef TSRM_WIN32
+                       if (!IS_ABSOLUTE_PATH(state->cwd, state->cwd_length) &&
+                                       !IS_UNC_PATH(state->cwd, state->cwd_length)) {
+#else
                        if (!IS_ABSOLUTE_PATH(state->cwd, state->cwd_length)) {
+#endif
                                state->cwd[state->cwd_length++] = save;
                                state->cwd[state->cwd_length] = '\0';
                        } else {




-- 
Edit bug report at http://bugs.php.net/?id=21097&edit=1
-- 
Try a CVS snapshot:         http://bugs.php.net/fix.php?id=21097&r=trysnapshot
Fixed in CVS:               http://bugs.php.net/fix.php?id=21097&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=21097&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=21097&r=needtrace
Try newer version:          http://bugs.php.net/fix.php?id=21097&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=21097&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=21097&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=21097&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=21097&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=21097&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=21097&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=21097&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=21097&r=isapi

Reply via email to