aharvey                                  Fri, 05 Nov 2010 05:28:07 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=305098

Log:
Fix bug #53226 (file_exists fails on big filenames).

Bug: http://bugs.php.net/53226 (Assigned) file_exists fails on big filenames
      
Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
    A   php/php-src/branches/PHP_5_3/tests/security/bug53226.phpt
    U   php/php-src/trunk/main/fopen_wrappers.c
    A   php/php-src/trunk/tests/security/bug53226.phpt

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2010-11-05 04:37:27 UTC (rev 305097)
+++ php/php-src/branches/PHP_5_3/NEWS   2010-11-05 05:28:07 UTC (rev 305098)
@@ -55,6 +55,7 @@

 - Fixed bug #53241 (stream casting that relies on fdopen/fopencookie fails
   with streams opened with, inter alia, the 'xb' mode). (Gustavo)
+- Fixed bug #53226 (file_exists fails on big filenames). (Adam)
 - Fixed bug #53198 (changing INI setting "from" with ini_set did not have any
   effect). (Gustavo)
 - Fixed bug #53180 (post_max_size=0 not disabling the limit when the content

Modified: php/php-src/branches/PHP_5_3/main/fopen_wrappers.c
===================================================================
--- php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-05 04:37:27 UTC 
(rev 305097)
+++ php/php-src/branches/PHP_5_3/main/fopen_wrappers.c  2010-11-05 05:28:07 UTC 
(rev 305098)
@@ -292,6 +292,14 @@
                char *ptr;
                char *end;

+               /* Check if the path is too long so we can give a more useful 
error
+               * message. */
+               if (strlen(path) > (MAXPATHLEN - 1)) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "File name 
is longer than the maximum allowed path length on this platform (%d): %s", 
MAXPATHLEN, path);
+                       errno = EINVAL;
+                       return -1;
+               }
+
                pathbuf = estrdup(PG(open_basedir));

                ptr = pathbuf;

Added: php/php-src/branches/PHP_5_3/tests/security/bug53226.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/tests/security/bug53226.phpt                   
        (rev 0)
+++ php/php-src/branches/PHP_5_3/tests/security/bug53226.phpt   2010-11-05 
05:28:07 UTC (rev 305098)
@@ -0,0 +1,31 @@
+--TEST--
+Bug #53226 (file_exists fails on big filenames)
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+create_directories();
+
+var_dump(file_exists('./test/ok/ok.txt'));
+var_dump(file_exists('./test/foo'));
+
+// Picked an arbitrarily large number that should be beyond PATH_MAX on every
+// OS I know about.
+$file = str_repeat('x', 40000);
+var_dump(file_exists("./test/$file"));
+?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(false)
+
+Warning: file_exists(): File name is longer than the maximum allowed path 
length on this platform (%d): %s in %s on line %d
+bool(false)

Modified: php/php-src/trunk/main/fopen_wrappers.c
===================================================================
--- php/php-src/trunk/main/fopen_wrappers.c     2010-11-05 04:37:27 UTC (rev 
305097)
+++ php/php-src/trunk/main/fopen_wrappers.c     2010-11-05 05:28:07 UTC (rev 
305098)
@@ -291,6 +291,14 @@
                char *ptr;
                char *end;

+               /* Check if the path is too long so we can give a more useful 
error
+               * message. */
+               if (strlen(path) > (MAXPATHLEN - 1)) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "File name 
is longer than the maximum allowed path length on this platform (%d): %s", 
MAXPATHLEN, path);
+                       errno = EINVAL;
+                       return -1;
+               }
+
                pathbuf = estrdup(PG(open_basedir));

                ptr = pathbuf;

Added: php/php-src/trunk/tests/security/bug53226.phpt
===================================================================
--- php/php-src/trunk/tests/security/bug53226.phpt                              
(rev 0)
+++ php/php-src/trunk/tests/security/bug53226.phpt      2010-11-05 05:28:07 UTC 
(rev 305098)
@@ -0,0 +1,31 @@
+--TEST--
+Bug #53226 (file_exists fails on big filenames)
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+create_directories();
+
+var_dump(file_exists('./test/ok/ok.txt'));
+var_dump(file_exists('./test/foo'));
+
+// Picked an arbitrarily large number that should be beyond PATH_MAX on every
+// OS I know about.
+$file = str_repeat('x', 40000);
+var_dump(file_exists("./test/$file"));
+?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(false)
+
+Warning: file_exists(): File name is longer than the maximum allowed path 
length on this platform (%d): %s in %s on line %d
+bool(false)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to