Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:112338
Return-Path: <george.banyard@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 80963 invoked from network); 1 Dec 2020 18:19:15 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 1 Dec 2020 18:19:15 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 8387E1804D4
	for <internals@lists.php.net>; Tue,  1 Dec 2020 09:46:44 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-Virus: No
X-Envelope-From: <george.banyard@gmail.com>
Received: from mail-ej1-f45.google.com (mail-ej1-f45.google.com [209.85.218.45])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Tue,  1 Dec 2020 09:46:43 -0800 (PST)
Received: by mail-ej1-f45.google.com with SMTP id lt17so5919404ejb.3
        for <internals@lists.php.net>; Tue, 01 Dec 2020 09:46:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=g2DoynvXyY4KDUcmHatRle9HzmEbX98C7ZjZTZ1ADJg=;
        b=SH4t1peu8dUP1vf9B2zGozJdwLxXMjNgTW2WrnZT/5dCsdV9WdyykhVqzBdId+qEqD
         IiOvLFFBsC/RMNtVxmKddkO4D+KJRabAl+K0SYIxszCgioVVeJ4oqidg48o9UlUUPMRU
         dt6w+jRhs3mxdjV35VVDb0ga7ARQlU5xND1G+YxnYCzf6JeRdGlGeniuSOr5/ell/8zi
         EaXhon4+duXpU/+/BmtDjk8RfKoJCjZ9PTKIMXvWPGPulrmnirptYu88xXDycDGTyiIU
         LNE7wAMM4ywg1ZIDz3qomGqm29X0ALwN3D78FuaQrGw8bq2buTp6hdSdilI+ySLUgwil
         Re8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=g2DoynvXyY4KDUcmHatRle9HzmEbX98C7ZjZTZ1ADJg=;
        b=ZvPpr7UQxC6lxVPE+qT2yMxXP7Cm5YNs5Gpa4rChYANQdmLD7MvN6U+pUJTJKDWUin
         4tMirm5CS0n+6FXVaXDuymTru3HuHTLbgNUIWJaOHY1m41nFKWt3fQpylv/97OR+URIR
         x7Cnmymq4cpfoe7V6doH23m6989MTM5C6nd5CiBiHODvYnbXcHJLLBspX+brJihiyTzJ
         ekbKVGc7MJ9r6/F8bh3FtdcOkvxuYqoMvUDap4ydrnb0lp7wFC1Ap7kiywCI9gbQNIVB
         FgRcoVKB3iW/8dHoRlzTBs5ty8ZB8pFMXnGjWmNobqPZ1gedPDi8S19rjHaP6UBDanhf
         4+nA==
X-Gm-Message-State: AOAM532ITmGedqw6YMhBO861uimqktkeM6PktGGcxzijK5BPSnr2EusM
	9awGKc2tWebcnpDE563J485vdEDsiqWLGiWnzrE=
X-Google-Smtp-Source: ABdhPJzPBZKfIL69IfBQAbzA+jGishy+BcqRCTpYEq8END+TVOaF5sljhKi0zJ81GLDMFP6L5d0/3+BhjpZV6wOYw60=
X-Received: by 2002:a17:906:688:: with SMTP id u8mr4115065ejb.77.1606844802595;
 Tue, 01 Dec 2020 09:46:42 -0800 (PST)
MIME-Version: 1.0
References: <b845d5bf-63da-d564-1f0f-cc934188d693@aimeos.com>
 <b546b5bf-27f8-62cc-cc4b-d859132998a4@gmx.de> <CAN2symjht9iZLDhYEKCYb9V7B4xEoHBG8MFMoAVQS55OKzWC7Q@mail.gmail.com>
In-Reply-To: <CAN2symjht9iZLDhYEKCYb9V7B4xEoHBG8MFMoAVQS55OKzWC7Q@mail.gmail.com>
Date: Tue, 1 Dec 2020 17:46:29 +0000
Message-ID: <CAFPFaM+Np_jQgDFr8vV8TofYyLMZ0EDWmt3+yr1_KQzJTbW6MQ@mail.gmail.com>
To: Paul Crovella <paul.crovella@gmail.com>
Cc: "Christoph M. Becker" <cmbecker69@gmx.de>, "Aimeos | Norbert Sendetzky" <norbert@aimeos.com>, 
	PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000aaff9905b56ab52a"
Subject: Re: [PHP-DEV] Re: PHP 8 is_file/is_dir input handling
From: george.banyard@gmail.com ("G. P. B.")

--000000000000aaff9905b56ab52a
Content-Type: text/plain; charset="UTF-8"

On Tue, 1 Dec 2020 at 17:45, Paul Crovella <paul.crovella@gmail.com> wrote:

> On Tue, Dec 1, 2020 at 9:25 AM Christoph M. Becker <cmbecker69@gmx.de>
> wrote:
> >
> > On 01.12.2020 at 18:18, Aimeos | Norbert Sendetzky wrote:
> >
> > > PHP 8 is stricter in checking input data then PHP 7. This is good but
> > > has some side effects for is_file(), is_dir() and similar functions
> when
> > > invalid paths are passed for checking.
> > >
> > > In PHP 7, this returns FALSE:
> > >
> > > php -r 'var_dump(is_file("ab\0c"));'
> > >
> > > In PHP 8, the same code throws a ValueException. Problem is now that
> > > it's not possible to check upfront if the passed argument is a valid
> > > path to avoid the exception being thrown.
> >
> > This is only about the NUL byte in the filename.  You can easily check
> > for that yourself. :)
> >
> > Regards,
> > Christoph
>
> Or is_file could check for it, handle it gracefully, and be a safe
> function to call without worrying about this undocumented edge case.
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: https://www.php.net/unsub.php
>
>

--000000000000aaff9905b56ab52a--