From: Ilia Alshanetsky Date: Tue, 10 Feb 2009 14:18:46 +0000 (+0000) Subject: MFB: Added path truncation E_NOTICE to let people now when path resolving X-Git-Tag: RELEASE_1_3_5~155 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=986a933c821dd7360310457cfa4b7dfb1f000179;p=php MFB: Added path truncation E_NOTICE to let people now when path resolving caused the file path to be truncated. --- diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index 0010415a0b..2ffce25b9e 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -706,7 +706,9 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c *end = '\0'; end++; } - snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); + if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN); + } if (PG(safe_mode)) { if (VCWD_STAT(trypath, &sb) == 0) { /* file exists ... check permission */ diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 8b554fdf5b..8448288905 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -1328,7 +1328,9 @@ not_relative_path: /* getcwd() will return always return [DRIVE_LETTER]:/) on windows. */ *(cwd+3) = '\0'; - snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename); + if (snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", cwd, filename, MAXPATHLEN); + } free(cwd); @@ -1389,7 +1391,9 @@ not_relative_path: if (*ptr == '\0') { goto stream_skip; } - snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); + if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %file", ptr, filename, MAXPATHLEN); + } if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) { goto stream_skip;