ID: 9462 User Update by: [EMAIL PROTECTED] Status: Open Bug Type: Filesystem function related Description: NULL bute eats rest of string On my system, with something like: include($string . ".php"); I'm able to get, for example, /etc/passwd by adding a null byte to the end of $string, causing the include function to ignore the ".php" extension set on the include. Previous Comments: --------------------------------------------------------------------------- [2001-02-28 23:06:04] [EMAIL PROTECTED] just error reporting functions are not binary safe. although i do not see a reason to open a file containing a null char in the name - most OSes will get the part before the first null char. lets call it bug because current behav doesn't help enough to track the problem --------------------------------------------------------------------------- [2001-02-26 09:17:33] [EMAIL PROTECTED] I'm not sure if this is a bug or feature, comments are apreciated. http://bugs.horde.org/show_bug.cgi?id=621 Example: <quote> include($string . ".php"); </quote> with "magic_quotes_gpc = On" (php.ini) calling test.php?string=test%00 result: Warning: Failed opening 'test -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
