author | Adam Harvey <aharvey@php.net> | 2010-11-05 05:28:07 +0000 |
---|---|---|
committer | Adam Harvey <aharvey@php.net> | 2010-11-05 05:28:07 +0000 |
commit | b84e262f63b6848b4046295a7d06e17124e250da (patch) | |
tree | 81e95413b462f56a3846d8287eeb68bdd511db0c | |
parent | dd038a9c890b128b6a3912ab3709c92330012bd4 (diff) | |
Fix bug #53226 (file_exists fails on big filenames).
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | main/fopen_wrappers.c | 8 | ||||
-rw-r--r-- | tests/security/bug53226.phpt | 31 |
3 files changed, 40 insertions, 0 deletions
@@ -55,6 +55,7 @@ - Fixed bug #53241 (stream casting that relies on fdopen/fopencookie fails with streams opened with, inter alia, the 'xb' mode). (Gustavo) +- Fixed bug #53226 (file_exists fails on big filenames). (Adam) - Fixed bug #53198 (changing INI setting "from" with ini_set did not have any effect). (Gustavo) - Fixed bug #53180 (post_max_size=0 not disabling the limit when the content
diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index 41f3127863..8bc649ef55 100644
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -292,6 +292,14 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
 char *ptr;
 char *end;
+ /* Check if the path is too long so we can give a more useful error
+ * message. */
+ if (strlen(path) > (MAXPATHLEN - 1)) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "File name is longer than the maximum allowed path length on this platform (%d): %s", MAXPATHLEN, path);
+ errno = EINVAL;
+ return -1;
+ }
+
 pathbuf = estrdup(PG(open_basedir));
 ptr = pathbuf;
diff --git a/tests/security/bug53226.phpt b/tests/security/bug53226.phpt
new file mode 100644
index 0000000000..e462d3e9d7
--- /dev/null
+++ b/tests/security/bug53226.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Bug #53226 (file_exists fails on big filenames)
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+create_directories();
+
+var_dump(file_exists('./test/ok/ok.txt'));
+var_dump(file_exists('./test/foo'));
+
+// Picked an arbitrarily large number that should be beyond PATH_MAX on every
+// OS I know about.
+$file = str_repeat('x', 40000);
+var_dump(file_exists("./test/$file"));
+?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(false)
+
+Warning: file_exists(): File name is longer than the maximum allowed path length on this platform (%d): %s in %s on line %d
+bool(false) |
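Review bot: The added `php_error_docref` call in `php_check_open_basedir_ex` prints the whole caller-supplied `path` through `%s`, so a name of the size the new test uses (40000 characters) is copied in full into the warning output and the error log. The limit alone is enough to diagnose the failure, e.g. `"File name is longer than the maximum allowed path length on this platform (%d)", MAXPATHLEN`, or a bounded prefix of the name; the EXPECTF line in the new test would change with it. The warning is also raised without consulting the `warn` argument visible in the signature on the hunk header. If that flag is what lets callers request a silent check (presumably; the rest of the function lies outside the hunk), guard only the message with `if (warn) { ... }` and keep `errno = EINVAL; return -1;` unconditional.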
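Review bot: The only over-long case in `tests/security/bug53226.phpt` is a 40000-character name, so the exact boundary of the new check (`strlen(path) > (MAXPATHLEN - 1)`) is not pinned and an off-by-one there would still pass. Consider deriving the lengths from `PHP_MAXPATHLEN`, where the target branch defines it, with one path just under the limit and one at it. EXPECTF also lists five boolean lines before the warning while the FILE section makes only two `var_dump` calls ahead of the long-name one; the extra lines presumably come from `open_basedir.inc`, and a comment such as `// create_directories() prints its own results` would make the expectation readable.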