Fix bug #53226 (file_exists fails on big filenames).

diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c
index f8679d567575ce8e792d29b24aec704763a1b547..5424f78970695a45a9e182123aeda709f6b3a3fb 100644 (file)
--- a/main/fopen_wrappers.c
+++ b/main/fopen_wrappers.c
@@ -291,6 +291,14 @@ PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)
                char *ptr;
                char *end;
 
+               /* Check if the path is too long so we can give a more useful error
+               * message. */
+               if (strlen(path) > (MAXPATHLEN - 1)) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "File name is longer than the maximum allowed path length on this platform (%d): %s", MAXPATHLEN, path);
+                       errno = EINVAL;
+                       return -1;
+               }
+
                pathbuf = estrdup(PG(open_basedir));
 
                ptr = pathbuf;

diff --git a/tests/security/bug53226.phpt b/tests/security/bug53226.phpt
new file mode 100644 (file)
index 0000000..e462d3e
--- /dev/null
+++ b/tests/security/bug53226.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Bug #53226 (file_exists fails on big filenames)
+--INI--
+open_basedir=.
+--FILE--
+<?php
+require_once "open_basedir.inc";
+create_directories();
+
+var_dump(file_exists('./test/ok/ok.txt'));
+var_dump(file_exists('./test/foo'));
+
+// Picked an arbitrarily large number that should be beyond PATH_MAX on every
+// OS I know about.
+$file = str_repeat('x', 40000);
+var_dump(file_exists("./test/$file"));
+?>
+--CLEAN--
+<?php
+require_once "open_basedir.inc";
+delete_directories();
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+bool(false)
+
+Warning: file_exists(): File name is longer than the maximum allowed path length on this platform (%d): %s in %s on line %d
+bool(false)