[PHP-DEV] filesystem security questions
I have a few questions about correctly implementing safe_mode, open_basedir and allow_url checks within an extension. Probably an easy question, but I have seen it implemented in various ways in different extensions and want to make sure i implement this correctly. allow_url checks: is there a standard function which produces an error if not allowed, or do I just handle this within the extension after testing with PG(allow_url_fopen)? safe_mode: this is done by testing both php_check_safe_mode_include_dir and php_checkuid if safe_mode is enabled, correct? open_basedir: this is just done with php_check_open_basedir? Is there any precedence of the safe_mode and open_basedir checks or does it need to pass both checks? Are there any other checks i am missing to implement filesystem security within an extension? Thanks, Rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] filesystem security questions
I think using stream functions may be overkill for what I need to do.
While fixing an issue with using relative paths in domxml and decided to add
filesecurity features in at the same time.
The file path comes in as a string and is sent directly to libxml as such.
also, going through the locate_url_wrapper function, it looks like it
defines acceptable protocols to use.
Also, libxml has its own routines for remote file access, so in the event a
new protocol is used (right now it is just http and ftp), should the
extension disallow the use of other protocols if it is not supported in php?
may not be an issue.
right now I am using the following to test for a remote path:
if (!strncasecmp(file,http://;, 7) || !strncasecmp(file,ftp://;, 6)) {
which could be expanded upon if additional protocols are added to libxml.
I could be wrong (wouldn't be the first time), but I am not sure if I really
need to use the streams functions as I wont be doing anything with the
returned wrapper.
Thanks
Rob
- Original Message -
From: Markus Fischer [EMAIL PROTECTED]
In CVS HEAD we've a new, generic implemention called
'streams'. The streams implementation takes care of this. See
main/streams.c in locate_url_wrapper (which is called when
you create a new stream):
if (wrapper wrapper-is_url !PG(allow_url_fopen)) {
zend_error(E_WARNING, URL file-access is disabled in the server
configuration);
return NULL;
}
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] filesystem security questions
I am talking about the domxml. After thinking about a bit and reading the post from Melvyn, I think that streams might be the way to go, but not quite positive yet. In a long term sense, I am just not sure how far domxml is going to go; meaning the discussion of the unified xml implementation. I dont know where this stands, though don't see it being rolled out in the immediate future with all that needs to be done, and assume that it will replace domxml. It looks like there will be two tracks here. One maintaining domxml and they other working on the unified implementation. With that in mind, where should the focus of development on domxml be? I would like to see it get out of experimental stage and considered stable. It may not include all the bells and whistles, but at least for the functionality it does support, it is considered solid. Rob - Original Message - From: Markus Fischer [EMAIL PROTECTED] To: Rob Richards [EMAIL PROTECTED] Cc: Php-Dev List [EMAIL PROTECTED] Sent: Saturday, June 08, 2002 10:16 AM Subject: Re: [PHP-DEV] filesystem security questions Are you talking about your own extension or ext/domxml ? I think (but could be wrong) that sooner or later streams should be used everyone for consistency. - Markus -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] filesystem security questions
The more I think about it, I dont know if streams should be done in the domxml extension currently. This is a big change from its current implementation and if it was to be undertaken, then why not just start fresh with the unified implementation? You are talking about implementing everything as streams (the dom, nodes, etc..) correct? Even with stream, how would this help in the following problem. You need to save your document to file. You may be passing it in as a stream, but when the libxml call is made it just requires a file path. validation on the file path is still going to be needed. I cant see using a stream for this as we are not doing any type of I/O here, just calling another library with a file path. I might be missing with streams, but after reading the readme, i still dont see how they will help in this situation. I feel like I got side tracked from my origional question and am back at square one. Rob Are you talking about your own extension or ext/domxml ? I think (but could be wrong) that sooner or later streams should be used everyone for consistency. - Markus -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] domxml patch
can someone apply this patch to cvs for me.
it fixes a problem in domxml_dump_mem_file with xmlKeepBlanksDefault not
being reset when the formatting parameter is true.
same problem that was in domxml_dump_mem, but missed this function
yesterday.
thanks
rob
Index: php_domxml.c
===
RCS file: /repository/php4/ext/domxml/php_domxml.c,v
retrieving revision 1.163
diff -u -r1.163 php_domxml.c
--- php_domxml.c4 Jun 2002 14:30:12 - 1.163
+++ php_domxml.c5 Jun 2002 15:02:05 -
-3274,7 +3274,7
{
zval *id;
xmlDoc *docp;
- int file_len, bytes;
+ int file_len, bytes, keepblanks;
int format = 0;
int compressmode = 0;
char *file;
-3284,8 +3284,9
xmlSetCompressMode(compressmode);
if (format) {
- xmlKeepBlanksDefault(0);
+ keepblanks = xmlKeepBlanksDefault(0);
bytes = xmlSaveFormatFile(file, docp, format);
+ xmlKeepBlanksDefault(keepblanks);
} else {
bytes = xmlSaveFile(file, docp);
}
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] domxml patch
can someone apply this patch to cvs for me. it fixes the problem reported in
bug # 17560
i think i have solved the attachment problems, let me know if people still
cant get my attachments.
xmlKeepBlanksDefault default is 1 if not set. once set it remains at the new
value until changed.
the patch just resets it to its previous value before the formatting.
bug is only reproduceable when running php as a mod.
thanks
rob
Index: php_domxml.c
===
RCS file: /repository/php4/ext/domxml/php_domxml.c,v
retrieving revision 1.161
diff -u -r1.161 php_domxml.c
--- php_domxml.c31 May 2002 06:14:29 - 1.161
+++ php_domxml.c4 Jun 2002 12:55:47 -
-3238,19 +3238,20
xmlDoc *docp;
xmlChar *mem;
int format = 0;
- int size;
+ int size, keepblanks;
int encoding_len = 0;
char *encoding;
DOMXML_PARAM_THREE(docp, id, le_domxmldocp, |ls, format, encoding,
encoding_len);
if (format) {
- xmlKeepBlanksDefault(0);
+ keepblanks = xmlKeepBlanksDefault(0);
if (encoding_len) {
xmlDocDumpFormatMemoryEnc(docp, mem, size, encoding, format);
} else {
xmlDocDumpFormatMemory(docp, mem, size, format);
}
+ xmlKeepBlanksDefault(keepblanks);
} else {
if (encoding_len) {
xmlDocDumpMemoryEnc(docp, mem, size, encoding);
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] domxml memory issue
attached is a diff of php_domxml.c i have been working on. it is meant to allow the extension to synch up when sub trees which are freed by libxml (basically it was started to attempt to fix the set_content routine). thanks to Lukas Schroeder and Christian Stocker for answering my questions and their help on this, but i think i may have some issues with zval cleanup. the diff includes a modified set_content which seems to be working fine. so far no segfaults on the tests i have run, as it doesnt seem to be trying to double free memory anymore, but i feel that there may be some left of zvals floating around especially when nodes are retrieved with xpath and returned in an array. the problem seems to come in the routine node_wrapper_destroy which was added. the wrapper is set to null as the xml node no longer exists. the php_free_xml_node routine will no longer dtor if the xml is removed as there is no wrapper. i tried attempted to take care of this in the node_wrapper_destroy function, but find when running scripts with xpath calls i can keep increasing the refcount. so far using xpath has been the only way i have found to increase the refcount above 2. the function will remove the object from the hash if it exists there, so they become invalid in scripting, but with the refcount possibly still above 0 after a call to node_wrapper_destroy i dont think the zvals are being cleaned up properly. a possible solution, though i am trying to avoid doing it is to get the refcount when entering the node_wrapper_destroy function and just calling zval_ptr_dtor that many times, but i dont think it is proper, so i figured it was time to ask here for help. any more help would be greatly appreciated. please let me know if i am way off base with this methodology and wasting my time here so i can look into other ways of accomplishing this. thanks rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] domxml memory issue diff
for those who had problems with the attachment you can grab it here: http://www.digarc.com/php_domxml.c.diff thanks rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] domxml questions
I have been going through the latest domxml extension and have a few questions about it. Looking at the docs, it is indicated that set_content and get_content are depreciated. The new functions from the docs, however, do not really make sense. set_content - Create a new node with e.g. DomDocument_create_text_node() und add it with DomNode_append_child(). get_content - Content is just a text node and can be accessed with DomNode_child_nodes(). Would get_content really be replace with node_value? All the child_nodes would give you is the child nodes. I am not sure if this was the intended function of the get/set content functions, but this seems to be the general use people are using these functions for. On that note, if you are trying to set the value of an existing node, using the replacement (as indicated from the docs) you would should be creating a new node and appending it, which means you then should remove the old node. Shouldnt there be a set_node_value or similar function to just replace the content of an existing node? A set_node_value function would be DOM compliant as the nodeValue property is read/write according to the specs. Rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] domxml questions
So then can I safely assume that the functions arent really depreciated then? If the functions were to be depreciated there really isn't a replacement for them implemented yet. As far as the set_node_value, I had just mentioned that as according to the docs the functions were being depreciated due to being non-compliant. If that was/is the case, then there would be the need for this to at least be able to set the content on text, cdata, comment, etc.. nodes. Rob On Saturday 18 May 2002 11:37 am, Christian Stocker wrote: On Sat, 18 May 2002, Lukas Schroeder wrote: On Sat, May 18, 2002 at 10:05:32AM -0400, Rob Richards wrote: I have been going through the latest domxml extension and have a few questions about it. Looking at the docs, it is indicated that set_content and get_content are depreciated. set_content - Create a new node with e.g. DomDocument_create_text_node() und add it with DomNode_append_child(). get_content - Content is just a text node and can be accessed with DomNode_child_nodes(). Would get_content really be replace with node_value? All the child_nodes would give you is the child nodes. the contents of an element-node are contained in a child-node of that element-node with the special node-name #text. using child_nodes would give you these contents. but, without a get_content() (get_node_value()) function there is no way to get the nodeValue (content) of the #text node. hehe. i hope, that deprecating or even removing a get_content() function (or an equivalent) wont happen, because i definately dont want to replace entity-references in contents manually. the purpose of get_content() was and is to do that for me. yep. i agree. Making domxml w3c-compliant doesn't mean for me removing all the other not-w3c-compliant functions. I don't see any sense in removing this sometimes very handy functions. I'm not sure, why these functions are markes as deprecated in the manual... On that note, if you are trying to set the value of an existing node, using the replacement (as indicated from the docs) you would should be creating a new node and appending it, which means you then should remove the old node. Shouldnt there be a set_node_value or similar function to just replace the content of an existing node? A set_node_value function would be DOM compliant as the nodeValue property is read/write according to the specs. but that doesn't help you anything. nodeValue of an element node does not carry the content of this element (IIRC). nodeValue of a textnode does on the other side.. chregu -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] cant compile 4.2.1 on FreeBSD with domxml support
I am trying to install 4.2.1 on FreeBSD 4.4 STABLE. It continues to fail during make in domxml with the following: Making all in domxml /bin/sh /usr/ports/www/mod_php4/work/php-4.2.1/libtool --silent --mode=compile c -I. -I/usr/ports/www/mod_php4/work/php-4.2.1/ext/domxml -I/usr/ports/www/ mod_php4/work/php-4.2.1/main -I/usr/ports/www/mod_php4/work/php-4.2.1 -I/usr /local/include/apache -I/usr/ports/www/mod_php4/work/php-4.2.1/Zend -I/usr/l ocal/include/libxml2 -I/usr/local/include -I/usr/local/include/mysql -DHARD _SERVER_LIMIT=512 -DDOCUMENT_LOCATION=/usr/local/www/data/ -DDEFAULT_PATH= /usr/local/bin:/bin:/usr/bin -DACCEPT_FILTER_NAME=httpready -DMOD_SSL=20 8106 -DEAPI -DEAPI_MM -DUSE_EXPAT -I/usr/ports/www/mod_php4/work/php-4.2.1/T SRM -O -pipe -I/usr/local/include -prefer-pic -c php_domxml.c php_domxml.c: In function `zif_domxml_doc_get_element_by_id': php_domxml.c:2675: warning: passing arg 2 of `xmlHashScan' from incompatible pointer type php_domxml.c: In function `zif_domxml_doc_ids': php_domxml.c:3292: warning: passing arg 2 of `xmlHashScan' from incompatible pointer type php_domxml.c: In function `zif_xmldoc': php_domxml.c:3309: `xmlDoValidityCheckingDefaultValue' undeclared (first use in this function) php_domxml.c:3309: (Each undeclared identifier is reported only once php_domxml.c:3309: for each function it appears in.) php_domxml.c:3325: `xmlLoadExtDtdDefaultValue' undeclared (first use in this function) *** Error code 1 Stop in /usr/ports/www/mod_php4/work/php-4.2.1/ext/domxml. We have installed 4.2.1 on our linux machines without any problems but just cant get it to work on FreeBSD. We have tried installing from the FreeBSD port and also directly from the source code, but get the same results. Can anyone shed some light on what the problem could be? Thanks, Rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] cant compile 4.2.1 on FreeBSD with domxml support
Thanks, That was it. I was running 2.4.3 on the BSD machine. Just upgraded to 2.4.21 and it compiles fine. Appreciate the help Rob - Original Message - From: Markus Fischer [EMAIL PROTECTED] To: Rob Richards [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, May 17, 2002 6:17 PM Subject: Re: [PHP-DEV] cant compile 4.2.1 on FreeBSD with domxml support What version of libxml2 ? Needs to be = 2.4.14 On Fri, May 17, 2002 at 06:11:42PM -0400, Rob Richards wrote : I am trying to install 4.2.1 on FreeBSD 4.4 STABLE. It continues to fail during make in domxml with the following: Making all in domxml /bin/sh /usr/ports/www/mod_php4/work/php-4.2.1/libtool --silent --mode=compile c -I. -I/usr/ports/www/mod_php4/work/php-4.2.1/ext/domxml -I/usr/ports/www/ mod_php4/work/php-4.2.1/main -I/usr/ports/www/mod_php4/work/php-4.2.1 -I/usr /local/include/apache -I/usr/ports/www/mod_php4/work/php-4.2.1/Zend -I/usr/l cal/include/libxml2 -I/usr/local/include -I/usr/local/include/mysql -DHARD _SERVER_LIMIT=512 -DDOCUMENT_LOCATION=/usr/local/www/data/ -DDEFAULT_PATH= /usr/local/bin:/bin:/usr/bin -DACCEPT_FILTER_NAME=httpready -DMOD_SSL=20 8106 -DEAPI -DEAPI_MM -DUSE_EXPAT -I/usr/ports/www/mod_php4/work/php-4.2.1/T SRM -O -pipe -I/usr/local/include -prefer-pic -c php_domxml.c php_domxml.c: In function `zif_domxml_doc_get_element_by_id': php_domxml.c:2675: warning: passing arg 2 of `xmlHashScan' from incompatible pointer type php_domxml.c: In function `zif_domxml_doc_ids': php_domxml.c:3292: warning: passing arg 2 of `xmlHashScan' from incompatible pointer type php_domxml.c: In function `zif_xmldoc': php_domxml.c:3309: `xmlDoValidityCheckingDefaultValue' undeclared (first use in this function) php_domxml.c:3309: (Each undeclared identifier is reported only once php_domxml.c:3309: for each function it appears in.) php_domxml.c:3325: `xmlLoadExtDtdDefaultValue' undeclared (first use in this function) *** Error code 1 Stop in /usr/ports/www/mod_php4/work/php-4.2.1/ext/domxml. We have installed 4.2.1 on our linux machines without any problems but just cant get it to work on FreeBSD. We have tried installing from the FreeBSD port and also directly from the source code, but get the same results. Can anyone shed some light on what the problem could be? Thanks, Rob -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php -- Please always Cc to me when replying to me on the lists. GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc - I mean When in doubt, blame mcrypt is more often right than wrong :) Always right, never wrong :) - Two PHP developers who want to remain unnamed -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] Re: Bug #15530 Updated: conent of node node correct reading new DOM value after set_content of node
Thanks, but same results.
when I put the example code up there I also was thinking who would ever need
to set and then read the same information. Unfortunately our real case
scenario runs into this.
Just for reference: We have a complex workflow, so have no idea where we are
in the workflow we are when information is passed to through it. We have a
case, which is how we found this problem, where data is set and then in
another point in the workflow the information is accessed. Only work around
we could come up with was to hard code an indicator which identified when we
were in this problem section so that it would ignore reading the newly set
data and use the information we had previously set.
Thanks for the help.
Rob
- Original Message -
From: Joseph Tate [EMAIL PROTECTED]
To: Rob Richards [EMAIL PROTECTED]; Php-Dev List
[EMAIL PROTECTED]
Sent: Wednesday, February 13, 2002 11:51 AM
Subject: RE: Bug #15530 Updated: conent of node node correct reading new DOM
value after set_content of node
Ok, try the following code:
function getContent ($n)
{
if (!($children = $n-children())) return '';
$content = '';
foreach ($children as $c) {
if ($c-type == XML_TEXT_NODE) {
$content .= $c-content;
}
}
return $content;
}
Then use getContent($n) rather than $n-content. This could fix your
problem, but I'm not sure. It still uses the -content property (though
in
a TEXT_NODE context). I don't actually make changes and then read back
the
contents in any of my code, so this is new to me.
As for the time frame for the next release of php? I don't know.
Joseph
-Original Message-
From: Rob Richards [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 11:42 AM
To: Joseph Tate
Subject: Re: Bug #15530 Updated: conent of node node correct reading new
DOM value after set_content of node
Management's definition of a custom build is any package or port
that we use
not coming from a maintainer - go figure. This includes grabbing CVS
updates. Losing battle trying to argue this with them.
We have built a package for RedHat 7.2, 7.1 as well as FreeBSD, but the
ultimate server is out of our control and they will only use the FreeBSD
ports they can pull from within it.
Basically, we are stuck with our code needing to run on the
FreeBSD version
they run which right now only is up to revision 1.90 of the domxml code.
Do you happen to know any time frame for a next release? This may not
be
much of a problem depending upon that.
Thanks,
Rob
- Original Message -
From: Joseph Tate [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; Php-Dev List [EMAIL PROTECTED]
Sent: Wednesday, February 13, 2002 11:19 AM
Subject: RE: Bug #15530 Updated: conent of node node correct
reading new DOM
value after set_content of node
You kind of have to have a custom php build anyway because DOMXML
stuff
isn't part of the RH php installation. I've got rpms for RH 7.2 if
that
will help. They don't have the get_content stuff, but I could
add that to
my custom patch (that fixes bug #14934) no problem. Besides,
it'll be in
the next release; it's not custom code in the purest definition of
the
term.
Joseph
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 11:04 AM
To: [EMAIL PROTECTED]
Subject: Bug #15530 Updated: conent of node node correct
reading new DOM
value after set_content of node
ID: 15530
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: DOM XML related
Operating System: RedHat 7.2
PHP Version: 4.1.1
New Comment:
Any other workaround for the get_content problem? We can use a
custom
php build on our development machines, but cant on the server
where the
code will actually be going.
Thanks
Previous Comments:
[2002-02-13 10:43:55] [EMAIL PROTECTED]
The problem is that the content property is going away, so that
property is not set. This is why it's not being updated. It's
being
replaced by a get_content() function. This is in CVS at this very
moment.
As for the appending of xml contents, the comment in the code is as
follows:
// FIXME: another gotcha. If node has children, calling
// xmlNodeSetContent will remove the children - we loose the zval's
// To prevent crash, append content if children are set
I think if you just used the get_content() function instead of the
-content property that your problem would go away. Of course
you're
going to have to pull it from CVS
