From a8682814f3569f0bacec66c158984ea6c5d55f55 Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Sun, 7 Feb 2010 20:45:46 +0000 Subject: [PATCH] - prevent unexpectable behaviors (for the user) with invalid path and update tests (portability) --- .../tests/array/array_flip_variation2.phpt | Bin 2178 -> 2179 bytes .../tests/array/uasort_variation5.phpt | 2 +- .../tests/file/rename_variation13-win32.phpt | Bin 3614 -> 4553 bytes .../tests/file/tempnam_variation3-win32.phpt | 24 +++++++---- .../tests/general_functions/bug49847.phpt | 39 +++++++----------- .../tests/general_functions/bug50732.phpt | 24 ----------- .../general_functions/proc_nice_basic.phpt | 4 ++ .../general_functions/proc_nice_error.phpt | 4 ++ .../proc_nice_variation1.phpt | 4 ++ .../proc_nice_variation2.phpt | 4 ++ .../proc_nice_variation3.phpt | 4 ++ .../proc_nice_variation5.phpt | 3 +- .../proc_nice_variation6.phpt | 4 ++ .../proc_nice_variation7.phpt | 4 ++ .../tests/general_functions/strval.phpt | 4 +- ext/standard/tests/streams/bug49936.phpt | 5 +++ .../tests/streams/bug49936_win32.phpt | 30 ++++++++++++++ .../streams/stream_resolve_include_path.phpt | 4 +- main/php_open_temporary_file.c | 10 +++++ main/streams/plain_wrapper.c | 24 +++++++++++ win32/winutil.c | 15 +++++++ win32/winutil.h | 1 + 22 files changed, 150 insertions(+), 63 deletions(-) create mode 100644 ext/standard/tests/streams/bug49936_win32.phpt diff --git a/ext/standard/tests/array/array_flip_variation2.phpt b/ext/standard/tests/array/array_flip_variation2.phpt index 1474a6955b5229638e25153cf4c0e448be4b662d..997c391306e5cf751d4603cad8fb3c679155dab4 100644 GIT binary patch delta 21 ccmZn?Y!=*L%E79dqN$)XnVZRcash`B06Rnl0ssI2 delta 35 qcmZn`Y!cjH%E4lysh~8Oo5@^=D={yHGcl()Ux}-h%OyWAl?wow@d()f diff --git a/ext/standard/tests/array/uasort_variation5.phpt b/ext/standard/tests/array/uasort_variation5.phpt index 22d9da31c5..e6996a55fe 100644 --- a/ext/standard/tests/array/uasort_variation5.phpt +++ b/ext/standard/tests/array/uasort_variation5.phpt @@ -139,7 +139,7 @@ array(4) { [1]=> string(7) "Heredoc" [3]=> - string(43) "heredoc string with!@# and 123 + string(4%d) "heredoc string with!@# and 123 Test this!!!" } Done diff --git a/ext/standard/tests/file/rename_variation13-win32.phpt b/ext/standard/tests/file/rename_variation13-win32.phpt index 290095629e4a2f28c3c4e0b043260fb63ef33a43..ccbb62185089f93a884886d8c1b9d9ad3cd70fbf 100644 GIT binary patch literal 4553 zcmeHKTW{Mo6yEFfD^7(3mR!q@+g-Y(X%{pOW;E!6#$5-rg+WVH%tj^+k;(0ilF8_Bk|e=IT1TbSVj-iL@=B*p8BLpXB1$FvbK;*( zWl8B1QK*cT!p&`vB+p)scE^)LnAsI4lAg=L%5!?0O^^N4uhns1%@+OCES^C6@cH;) zya(aOPnYv$pz_F8GwaIe;J1V6?}t6w=+VQN?rl@}di)}c1ENgHD743FNoA$U=;9n- z^jhi6oZ2wn3ZAmzz489&((Is12c>bwoi8Qf95Z8zivz-$(nn;9Y|01jQL~`ssb6^0 zgQPW8nMz8HcJj=<1B@>1N}HBy$#iVeOV1Vw%2gqWw+}B=GPy}m8dxWECdzEUBK?$Q zb_yjdIdjRe-DKTC0Khw%L|F9jP=wT6f!9K?zvX=yG?$)^}V`bcV7 z3WwE9~_1v)yQTp3(|Wv zGn-amltYPtce`(OxD~AN->FBm&3=6ePp4cA(`nof2epwuL^*uO;==Q@O|4$PGZ1W~ z?-t7raHyQ3dy8Y(idvyKroV#keIe#T6`a9oDG{|Rh6n~20$1eUK>!{jT2tE_Tll8O zD5Xlfs7>dX*YDpawoK&Lk>TzBn>F=r3p+J0Ny1i;C7zj%7waI3edLehDz7caSO_Ue zJU38w2E0f0sR4_)iA}R=v5XpW>#bhxH})b-fM?am(>8`{m_$_R0?FR2vPqnkXhq2r z?P-Hft5q-8YS*Bt8&ZS!dNiM47>LTne*(DGB-mTcDYk30yv!lrK1Y8ZjGj%nF@Hu1 zqV3W~8FfdVIklS1Ew z^X_3jXkq>f;W{Y9OctP8J8{OBhSI4iS@@FJ z;RD>pAEkB$*iDhWD`1HE!>eTSwZ-vX0sM{08$t{wf4ItIGckSR@)qR+E`Myfq|U|o z`B`Mrm#%U8ii-TFmd@{PN9UJj^D83r=a$SJejDjDFD2KdXN-{-H?hNDj#+pi9qxTx zUj|cjlhwUO`$(Ng{i)Z;)#2+p7r4kj-Nj0?|KAqbHZK@LT3xN@*+g~`h7viNmy!F8xlw&ya$t5|OG1WsMNDijB|afski0Qpu= zRzcHB0bhWEd@MNGnukCjBFtr=N+|NfBgL_(D6tY`rs!q|K2}C)xP*RQzCI`&=!4RM yJ}?o0Jv4bbzX;w4f_R8efIu`(o+KbN*?~(}xgeuJABc$xCRaga0(S2b "; - print($file_name); - echo "\n"; + /* creating the files in existing dir */ + if (file_exists($file_name) && !$res_arr[$i]) { + echo "Failed\n"; + } + if ($res_arr[$i]) { + $file_dir = dirname($file_name); + if (realpath($file_dir) == $file_path || realpath($file_dir . "\\") == $file_path) { + echo "OK\n"; + } else { + echo "Failed, not created in the correct directory " . realpath($file_dir) . ' vs ' . $file_path ."\n"; + } + + if (!is_writable($file_name)) { + printf("%o\n", fileperms($file_name) ); echo "File permissions are => "; printf("%o", fileperms($file_name) ); @@ -94,9 +103,8 @@ File name is => %s\%s File permissions are => 100666 File created in => directory specified -- Iteration 5 -- -File name is => %s\%s -File permissions are => 100666 -File created in => directory specified +Failed, not created in the correct directory %s vs %s +0 -- Iteration 6 -- File name is => %s\%s File permissions are => 100666 diff --git a/ext/standard/tests/general_functions/bug49847.phpt b/ext/standard/tests/general_functions/bug49847.phpt index 637abd24ea..8895202d0c 100644 --- a/ext/standard/tests/general_functions/bug49847.phpt +++ b/ext/standard/tests/general_functions/bug49847.phpt @@ -2,35 +2,24 @@ Bug #49847 (exec() fails on lines larger then 4095 bytes) --FILE-- ---EXPECT-- -array(1) { - [0]=> - string(4098) " 1" +$iswin = substr(PHP_OS, 0, 3) == "WIN"; + +if ($iswin) { + $f = dirname(__FILE__) . '\\bug49847.tmp'; + $s = str_repeat(' ', 4097); + $s .= '1'; + file_put_contents($f, $s); + exec('more ' . $f, $output); +} else { + exec("printf %4098d 1", $output); } ---TEST-- -Bug #49847 (exec() fails on lines larger then 4095 bytes) ---FILE-- - ---EXPECT-- -array(1) { - [0]=> - string(4098) " 1" +if ($iswin) { + unlink($f); } ---TEST-- -Bug #49847 (exec() fails on lines larger then 4095 bytes) ---FILE-- - ---EXPECT-- +--EXPECTF-- array(1) { [0]=> - string(4098) " 1" + string(4098) "%s 1" } diff --git a/ext/standard/tests/general_functions/bug50732.phpt b/ext/standard/tests/general_functions/bug50732.phpt index e036b47ed6..ed8341decb 100644 --- a/ext/standard/tests/general_functions/bug50732.phpt +++ b/ext/standard/tests/general_functions/bug50732.phpt @@ -10,27 +10,3 @@ array(1) { [0]=> string(1) "x" } ---TEST-- -Bug #50732 (exec() adds single byte twice to $output array) ---FILE-- - ---EXPECT-- -array(1) { - [0]=> - string(1) "x" -} ---TEST-- -Bug #50732 (exec() adds single byte twice to $output array) ---FILE-- - ---EXPECT-- -array(1) { - [0]=> - string(1) "x" -} diff --git a/ext/standard/tests/general_functions/proc_nice_basic.phpt b/ext/standard/tests/general_functions/proc_nice_basic.phpt index 5a95756276..3a958901a2 100644 --- a/ext/standard/tests/general_functions/proc_nice_basic.phpt +++ b/ext/standard/tests/general_functions/proc_nice_basic.phpt @@ -5,6 +5,10 @@ Italian PHP TestFest 2009 Cesena 19-20-21 june Fabio Fabbrucci (fabbrucci@grupporetina.com) Michele Orselli (mo@ideato.it) Simone Gentili (sensorario@gmail.com) +--SKIPIF-- + --FILE-- --FILE-- --FILE-- --FILE-- --FILE-- --FILE-- --FILE-- --FILE-- --FILE-- +--INI-- +default_socket_timeout=2 +--FILE-- + +--EXPECTF-- +Warning: opendir(): connect() failed: %s + in %s on line %d + +Warning: opendir(ftp://...@localhost/): failed to open dir: operation failed in %s on line %d +bool(false) + +Warning: opendir(): connect() failed: %s + in %s on line %d + +Warning: opendir(ftp://...@localhost/): failed to open dir: operation failed in %s on line %d +bool(false) diff --git a/ext/standard/tests/streams/stream_resolve_include_path.phpt b/ext/standard/tests/streams/stream_resolve_include_path.phpt index 01c05a5ca2..aea5cdd96c 100644 --- a/ext/standard/tests/streams/stream_resolve_include_path.phpt +++ b/ext/standard/tests/streams/stream_resolve_include_path.phpt @@ -32,6 +32,6 @@ rmdir($include_path); Warning: stream_resolve_include_path() expects exactly 1 parameter, 0 given in %s on line %d NULL bool(false) -string(%d) "%s/test_path/file" -string(%d) "%s/test_path/nested/file" +string(%d) "%stest_path%sfile" +string(%d) "%stest_path%snested%sfile" diff --git a/main/php_open_temporary_file.c b/main/php_open_temporary_file.c index 942eeacea4..cf17f27d66 100644 --- a/main/php_open_temporary_file.c +++ b/main/php_open_temporary_file.c @@ -113,6 +113,13 @@ static int php_do_open_temporary_file(const char *path, const char *pfx, char ** return -1; } +#ifdef PHP_WIN32 + if (!php_win32_check_trailing_space(pfx, (const int)strlen(pfx))) { + SetLastError(ERROR_INVALID_NAME); + return -1; + } +#endif + if (!VCWD_GETCWD(cwd, MAXPATHLEN)) { cwd[0] = '\0'; } @@ -138,12 +145,14 @@ static int php_do_open_temporary_file(const char *path, const char *pfx, char ** } #ifdef PHP_WIN32 + if (GetTempFileName(new_state.cwd, pfx, 0, opened_path)) { /* Some versions of windows set the temp file to be read-only, * which means that opening it will fail... */ VCWD_CHMOD(opened_path, 0600); fd = VCWD_OPEN_MODE(opened_path, open_flags, 0600); } + #elif defined(HAVE_MKSTEMP) fd = mkstemp(opened_path); #else @@ -151,6 +160,7 @@ static int php_do_open_temporary_file(const char *path, const char *pfx, char ** fd = VCWD_OPEN(opened_path, open_flags); } #endif + if (fd == -1 || !opened_path_p) { efree(opened_path); } else { diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 8d94c27c22..f3722d9fc5 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -39,6 +39,9 @@ #include "SAPI.h" #include "php_streams_int.h" +#ifdef PHP_WIN32 +# include "win32/winutil.h" +#endif #define php_stream_fopen_from_fd_int(fd, mode, persistent_id) _php_stream_fopen_from_fd_int((fd), (mode), (persistent_id) STREAMS_CC TSRMLS_CC) #define php_stream_fopen_from_fd_int_rel(fd, mode, persistent_id) _php_stream_fopen_from_fd_int((fd), (mode), (persistent_id) STREAMS_REL_CC TSRMLS_CC) @@ -1060,6 +1063,17 @@ static int php_plain_files_rename(php_stream_wrapper *wrapper, char *url_from, c return 0; } +#ifdef PHP_WIN32 + if (!php_win32_check_trailing_space(url_from, strlen(url_from))) { + php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC); + return 0; + } + if (!php_win32_check_trailing_space(url_to, strlen(url_to))) { + php_win32_docref2_from_error(ERROR_INVALID_NAME, url_from, url_to TSRMLS_CC); + return 0; + } +#endif + if ((p = strstr(url_from, "://")) != NULL) { url_from = p + 3; } @@ -1225,6 +1239,9 @@ static int php_plain_files_mkdir(php_stream_wrapper *wrapper, char *dir, int mod static int php_plain_files_rmdir(php_stream_wrapper *wrapper, char *url, int options, php_stream_context *context TSRMLS_DC) { +#if PHP_WIN32 + int url_len = strlen(url); +#endif if (PG(safe_mode) &&(!php_checkuid(url, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { return 0; } @@ -1233,6 +1250,13 @@ static int php_plain_files_rmdir(php_stream_wrapper *wrapper, char *url, int opt return 0; } +#if PHP_WIN32 + if (!php_win32_check_trailing_space(url, url_len)) { + php_error_docref1(NULL TSRMLS_CC, url, E_WARNING, "%s", strerror(ENOENT)); + return 0; + } +#endif + if (VCWD_RMDIR(url) < 0) { php_error_docref1(NULL TSRMLS_CC, url, E_WARNING, "%s", strerror(errno)); return 0; diff --git a/win32/winutil.c b/win32/winutil.c index 7e1cf3fc91..24b00edfae 100644 --- a/win32/winutil.c +++ b/win32/winutil.c @@ -31,3 +31,18 @@ PHPAPI char *php_win_err(int error) return (buf ? (char *) buf : ""); } + +int php_win32_check_trailing_space(const char * path, const int path_len) { + if (path_len < 1) { + return 1; + } + if (path) { + if (path[0] == ' ' || path[path_len - 1] == ' ') { + return 0; + } else { + return 1; + } + } else { + return 0; + } +} diff --git a/win32/winutil.h b/win32/winutil.h index 36b10200cb..8ee75752da 100644 --- a/win32/winutil.h +++ b/win32/winutil.h @@ -19,3 +19,4 @@ PHPAPI char *php_win_err(int error); #define php_win_err() php_win_err(GetLastError()) +int php_win32_check_trailing_space(const char * path, const int path_len); -- 2.40.0