summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Schneider <schneider@search.ch>2020-12-02 10:21:08 +0100
committerNikita Popov <nikita.ppv@gmail.com>2020-12-03 09:43:15 +0100
commit7bc7a80445f2bb349891d3cccfef2d589c48607e (patch)
tree7cd0b4fd7b8a5c7b035e436862be10ffb0d1fe70
parent72cd5793beea990af7b13013f50e91a6ea45c728 (diff)
downloadphp-git-7bc7a80445f2bb349891d3cccfef2d589c48607e.tar.gz
Make is_file() and friends return false when path contains 0-byte
These functions now return false silently: is_writable, is_readable, is_executable, is_file, is_dir, is_link, file_exists These functions now throw a warning an return false (rather than throwing a ValueError): fileperms, fileinode, filesize, fileowner, filegroup, filetype, fileatime, filemtime, filectime, lstat, stat See also https://externals.io/message/112333. Closes GH-6478.
Diffstat
-rw-r--r--ext/standard/filestat.c7
-rw-r--r--ext/standard/tests/file/bug39863.phpt9
-rw-r--r--ext/standard/tests/file/filegroup_variation3.phpt8
-rw-r--r--ext/standard/tests/file/fileinode_variation3.phpt8
-rw-r--r--ext/standard/tests/file/fileowner_variation3.phpt8
-rw-r--r--ext/standard/tests/file/fileperms_variation3.phpt8
-rw-r--r--ext/standard/tests/file/is_dir_variation4.phpt4
-rw-r--r--ext/standard/tests/file/is_executable_variation1.phpt4
-rw-r--r--ext/standard/tests/file/is_file_variation4.phpt4
-rw-r--r--ext/standard/tests/file/is_readable_variation1.phpt6
-rw-r--r--ext/standard/tests/file/is_writable_variation1.phpt12
11 files changed, 46 insertions, 32 deletions
diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c
index 61546c3da6..303e919c19 100644
--- a/ext/standard/filestat.c
+++ b/ext/standard/filestat.c
@@ -728,7 +728,10 @@ PHPAPI void php_stat(const char *filename, size_t filename_length, int type, zva
const char *local;
php_stream_wrapper *wrapper;
- if (!filename_length) {
+ if (!filename_length || CHECK_NULL_PATH(filename, filename_length)) {
+ if (filename_length && !IS_EXISTS_CHECK(type)) {
+ php_error_docref(NULL, E_WARNING, "Filename contains null byte");
+ }
RETURN_FALSE;
}
@@ -937,7 +940,7 @@ ZEND_NAMED_FUNCTION(name) { \
size_t filename_len; \
\
ZEND_PARSE_PARAMETERS_START(1, 1) \
- Z_PARAM_PATH(filename, filename_len) \
+ Z_PARAM_STRING(filename, filename_len) \
ZEND_PARSE_PARAMETERS_END(); \
\
php_stat(filename, filename_len, funcnum, return_value); \
diff --git a/ext/standard/tests/file/bug39863.phpt b/ext/standard/tests/file/bug39863.phpt
index c69cb6d0a6..88c569473a 100644
--- a/ext/standard/tests/file/bug39863.phpt
+++ b/ext/standard/tests/file/bug39863.phpt
@@ -6,12 +6,7 @@ Andrew van der Stock, vanderaj @ owasp.org
<?php
$filename = __FILE__ . chr(0). ".ridiculous";
-
-try {
- var_dump(file_exists($filename));
-} catch (ValueError $e) {
- echo $e->getMessage(), "\n";
-}
+var_dump(file_exists($filename));
?>
--EXPECT--
-file_exists(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
diff --git a/ext/standard/tests/file/filegroup_variation3.phpt b/ext/standard/tests/file/filegroup_variation3.phpt
index d18da05855..e844be0772 100644
--- a/ext/standard/tests/file/filegroup_variation3.phpt
+++ b/ext/standard/tests/file/filegroup_variation3.phpt
@@ -75,8 +75,12 @@ bool(false)
Warning: filegroup(): stat failed for %s/filegroup_variation3/filegroup*.tmp in %s on line %d
bool(false)
- Iteration 7 -
-filegroup(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: filegroup(): Filename contains null byte in %s on line %d
+bool(false)
- Iteration 8 -
-filegroup(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: filegroup(): Filename contains null byte in %s on line %d
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/fileinode_variation3.phpt b/ext/standard/tests/file/fileinode_variation3.phpt
index 1158308687..92357a3619 100644
--- a/ext/standard/tests/file/fileinode_variation3.phpt
+++ b/ext/standard/tests/file/fileinode_variation3.phpt
@@ -74,8 +74,12 @@ bool(false)
Warning: fileinode(): stat failed for %s/fileinode_variation3/fileinode*.tmp in %s on line %d
bool(false)
- Iteration 7 -
-fileinode(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileinode(): Filename contains null byte in %s on line %d
+bool(false)
- Iteration 8 -
-fileinode(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileinode(): Filename contains null byte in %s on line %d
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/fileowner_variation3.phpt b/ext/standard/tests/file/fileowner_variation3.phpt
index a61b0ab0a3..63ba6936aa 100644
--- a/ext/standard/tests/file/fileowner_variation3.phpt
+++ b/ext/standard/tests/file/fileowner_variation3.phpt
@@ -75,8 +75,12 @@ bool(false)
Warning: fileowner(): stat failed for %s/fileowner_variation3/fileowner*.tmp in %s on line %d
bool(false)
- Iteration 7 -
-fileowner(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileowner(): Filename contains null byte in %s on line %d
+bool(false)
- Iteration 8 -
-fileowner(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileowner(): Filename contains null byte in %s on line %d
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/fileperms_variation3.phpt b/ext/standard/tests/file/fileperms_variation3.phpt
index ada750bbab..5e981e9b86 100644
--- a/ext/standard/tests/file/fileperms_variation3.phpt
+++ b/ext/standard/tests/file/fileperms_variation3.phpt
@@ -74,8 +74,12 @@ bool(false)
Warning: fileperms(): stat failed for %s/fileperms_variation3/fileperms*.tmp in %s on line %d
bool(false)
- Iteration 7 -
-fileperms(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileperms(): Filename contains null byte in %s on line %d
+bool(false)
- Iteration 8 -
-fileperms(): Argument #1 ($filename) must not contain any null bytes
+
+Warning: fileperms(): Filename contains null byte in %s on line %d
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/is_dir_variation4.phpt b/ext/standard/tests/file/is_dir_variation4.phpt
index 8a1563992f..d6e64efe21 100644
--- a/ext/standard/tests/file/is_dir_variation4.phpt
+++ b/ext/standard/tests/file/is_dir_variation4.phpt
@@ -76,9 +76,9 @@ bool(true)
bool(false)
-- Iteration 9 --
-is_dir(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 10 --
-is_dir(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/is_executable_variation1.phpt b/ext/standard/tests/file/is_executable_variation1.phpt
index de08c1d917..a85b9a2ef0 100644
--- a/ext/standard/tests/file/is_executable_variation1.phpt
+++ b/ext/standard/tests/file/is_executable_variation1.phpt
@@ -76,9 +76,9 @@ bool(false)
-- Iteration 5 --
bool(false)
-- Iteration 6 --
-is_executable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 7 --
-is_executable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 8 --
bool(false)
-- Iteration 9 --
diff --git a/ext/standard/tests/file/is_file_variation4.phpt b/ext/standard/tests/file/is_file_variation4.phpt
index f6921d1d87..1afc34dd03 100644
--- a/ext/standard/tests/file/is_file_variation4.phpt
+++ b/ext/standard/tests/file/is_file_variation4.phpt
@@ -66,8 +66,8 @@ bool(false)
- Iteration 6 -
bool(false)
- Iteration 7 -
-is_file(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
- Iteration 8 -
-is_file(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
*** Done ***
diff --git a/ext/standard/tests/file/is_readable_variation1.phpt b/ext/standard/tests/file/is_readable_variation1.phpt
index d46e5fa5ca..9c25213f8a 100644
--- a/ext/standard/tests/file/is_readable_variation1.phpt
+++ b/ext/standard/tests/file/is_readable_variation1.phpt
@@ -77,11 +77,11 @@ bool(false)
-- Iteration 6 --
bool(false)
-- Iteration 7 --
-is_readable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 8 --
-is_readable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 9 --
-is_readable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
-- Iteration 10 --
bool(true)
-- Iteration 11 --
diff --git a/ext/standard/tests/file/is_writable_variation1.phpt b/ext/standard/tests/file/is_writable_variation1.phpt
index 9361ec947c..80695d6d45 100644
--- a/ext/standard/tests/file/is_writable_variation1.phpt
+++ b/ext/standard/tests/file/is_writable_variation1.phpt
@@ -87,14 +87,14 @@ bool(false)
bool(false)
bool(false)
-- Iteration 7 --
-is_writable(): Argument #1 ($filename) must not contain any null bytes
-is_writeable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
+bool(false)
-- Iteration 8 --
-is_writable(): Argument #1 ($filename) must not contain any null bytes
-is_writeable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
+bool(false)
-- Iteration 9 --
-is_writable(): Argument #1 ($filename) must not contain any null bytes
-is_writeable(): Argument #1 ($filename) must not contain any null bytes
+bool(false)
+bool(false)
-- Iteration 10 --
bool(true)
bool(true)
View Lorry Controller Status