ID: 11767
User Update by: [EMAIL PROTECTED]
Status: Open
Bug Type: Program Execution
Operating system: Unix
PHP Version: 4.0.6
Description: Bad escape sequence

I had some time this morning to check for the infamous bug and while watching 
standart/exec.c I found out that the index of chars that should be backslashed didn't 
include \x20. File was modified in consequence and after a recompilation i was 
surprised to see that it didn't work :/
If anyone plans to correct this, do not add \x20 to the index of chars cause it would 
also backslash spaces between the binary name and the vars. The same example as 
previous post would _try_ to execute `echo.sh\ this\ žs\ a\ test` as a single command  
:(

I would like to point to the fact that this bug affects many, many, many people using 
a system based authentication as it prevents users from log into whatever they want to 
log into correctly. It prevents also the use of any kind of system() function when a 
space is needed anywhere in the call.

Previous Comments:
---------------------------------------------------------------------------

[2001-06-28 02:27:48] [EMAIL PROTECTED]
When safe_mode is set to On, it is impossible to pass a variable that contains a 
string with a space in it as an argument to any system() like function. The following 
script shows the problem:

<?
   $somevar = "this is a test";
   exec("echo.sh $somevar", $return);
   echo $return[0];
?>

echo.sh being a simple shell script that echoes back anything that we feed it. The 
following PHP script will display 'this' instead of 'this is a test'. I tried 
backslashing every chars of the variable by writing a simple function but spaces seems 
not to be correctly passed to the shell script. The same script executed when 
safe_mode is set to off works perfectly...

Veins - [EMAIL PROTECTED]


---------------------------------------------------------------------------


Full Bug description available at: http://bugs.php.net/?id=11767


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to