- prevent unexpectable behaviors (for the user) with invalid path

diff --git a/ext/standard/tests/file/tempnam_variation3-win32.phpt b/ext/standard/tests/file/tempnam_variation3-win32.phpt
index 2530736ce6a6de0d5e511d0a9a0a96f555b39693..fb457cb6ab1485fa1f794c444142b43f860fc3a1 100644 (file)
--- a/ext/standard/tests/file/tempnam_variation3-win32.phpt
+++ b/ext/standard/tests/file/tempnam_variation3-win32.phpt
@@ -70,7 +70,7 @@ for( $i=0; $i<count($names_arr); $i++ ) {
                if (realpath($file_dir) == $file_path || realpath($file_dir . "\\") == $file_path) {
                        echo "OK\n";
                } else {
-                       echo "Failed, not created in the correct directory" . realpath($file_dir) . ' vs ' . $file_path ."\n";
+                       echo "Failed, not created in the correct directory " . realpath($file_dir) . ' vs ' . $file_path ."\n";
                }
                
                if (!is_writable($file_name)) {
@@ -99,7 +99,8 @@ OK
 -- Iteration 4 --
 OK
 -- Iteration 5 --
-OK
+Failed, not created in the correct directory %s vs %s
+0
 -- Iteration 6 --
 OK
 -- Iteration 7 --

diff --git a/main/php_open_temporary_file.c b/main/php_open_temporary_file.c
index 99f48816638e3de91778277bad99eddeb17ca992..34c32639b10c29e267ae4a7df5f29fea404f9292 100644 (file)
--- a/main/php_open_temporary_file.c
+++ b/main/php_open_temporary_file.c
@@ -113,6 +113,13 @@ static int php_do_open_temporary_file(const char *path, const char *pfx, char **
                return -1;
        }
 
+#ifdef PHP_WIN32
+       if (!php_win32_check_trailing_space(pfx, (const int)strlen(pfx))) {
+               SetLastError(ERROR_INVALID_NAME);
+               return -1;
+       }
+#endif
+
        if (!VCWD_GETCWD(cwd, MAXPATHLEN)) {
                cwd[0] = '\0';
        }

diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c
index c714eef17fdc0cd4e25f83150e7a2ffc7b3d82e8..fc97f0b8cdf4d640d2b53a07728c3f19126320ef 100644 (file)
--- a/main/streams/plain_wrapper.c
+++ b/main/streams/plain_wrapper.c
@@ -39,6 +39,9 @@
 #include "SAPI.h"
 
 #include "php_streams_int.h"
+#ifdef PHP_WIN32
+# include "win32/winutil.h"
+#endif
 
 #define php_stream_fopen_from_fd_int(fd, mode, persistent_id)  _php_stream_fopen_from_fd_int((fd), (mode), (persistent_id) STREAMS_CC TSRMLS_CC)
 #define php_stream_fopen_from_fd_int_rel(fd, mode, persistent_id)       _php_stream_fopen_from_fd_int((fd), (mode), (persistent_id) STREAMS_REL_CC TSRMLS_CC)
@@ -1043,24 +1046,13 @@ static int php_plain_files_rename(php_stream_wrapper *wrapper, char *url_from, c
        }
 
 #ifdef PHP_WIN32
-       /* Prevent bad things to happen when invalid path are used with MoveFileEx */
-       {
-               int url_from_len = strlen(url_from);
-               int url_to_len = strlen(url_to);
-               char *trimed = php_trim(url_from, url_from_len, NULL, 0, NULL, 1 TSRMLS_CC);
-               int trimed_len = strlen(trimed);
-
-               if (trimed_len == 0 || trimed_len != url_from_len) {
-                       php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC);
-                       return 0;
-               }
-
-               trimed = php_trim(url_to, url_to_len, NULL, 0, NULL, 1 TSRMLS_CC);
-               trimed_len = strlen(trimed);
-               if (trimed_len == 0 || trimed_len != url_to_len) {
-                       php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC);
-                       return 0;
-               }
+       if (!php_win32_check_trailing_space(url_from, strlen(url_from))) {
+               php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC);
+               return 0;
+       }
+       if (!php_win32_check_trailing_space(url_to, strlen(url_to))) {
+               php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC);
+               return 0;
        }
 #endif
 
@@ -1224,10 +1216,20 @@ static int php_plain_files_mkdir(php_stream_wrapper *wrapper, char *dir, int mod
 
 static int php_plain_files_rmdir(php_stream_wrapper *wrapper, char *url, int options, php_stream_context *context TSRMLS_DC)
 {
+#if PHP_WIN32
+       int url_len = strlen(url);
+#endif
        if (php_check_open_basedir(url TSRMLS_CC)) {
                return 0;
        }
 
+#if PHP_WIN32
+       if (!php_win32_check_trailing_space(url, url_len)) {
+               php_error_docref1(NULL TSRMLS_CC, url, E_WARNING, "%s", strerror(ENOENT));
+               return 0;
+       }
+#endif
+
        if (VCWD_RMDIR(url) < 0) {
                php_error_docref1(NULL TSRMLS_CC, url, E_WARNING, "%s", strerror(errno));
                return 0;

diff --git a/win32/winutil.c b/win32/winutil.c
index 469faf17619a4d288ec4b78f0f16c46a3c4708a9..c10400f122cb69d0bb9fec2c0e8c911bcf9dfddc 100644 (file)
--- a/win32/winutil.c
+++ b/win32/winutil.c
@@ -31,3 +31,18 @@ PHPAPI char *php_win_err(int error)
 
        return (buf ? (char *) buf : "");
 }
+
+int php_win32_check_trailing_space(const char * path, const int path_len) {
+       if (path_len < 1) {
+               return 1;
+       }
+       if (path) {
+               if (path[0] == ' ' || path[path_len - 1] == ' ') {
+                       return 0;
+               } else {
+                       return 1;
+               }
+       } else {
+               return 0;
+       }
+}

diff --git a/win32/winutil.h b/win32/winutil.h
index 24af61872e34d410534bec4c9eb242a4611daa56..83d360026bfa993210f26c4c1bad1efec9784906 100644 (file)
--- a/win32/winutil.h
+++ b/win32/winutil.h
@@ -19,3 +19,4 @@
 PHPAPI char *php_win_err(int error);
 
 #define php_win_err()  php_win_err(GetLastError())
+int php_win32_check_trailing_space(const char * path, const int path_len);