Newsgroups: php.internals
From: george.banyard@gmail.com ("G. P. B.")
To: Paul Crovella
Cc: "Christoph M. Becker", "Aimeos | Norbert Sendetzky", PHP internals
Date: Tue, 1 Dec 2020 18:23:34 +0000
Subject: Re: [PHP-DEV] Re: PHP 8 is_file/is_dir input handling
References: <0774c293-afd7-d8b9-175f-217ed600d1ea@aimeos.com>

On Tue, 1 Dec 2020 at 18:07, Paul Crovella wrote:

> On Tue, Dec 1, 2020 at 9:43 AM Christoph M. Becker wrote:
> >
> > On 01.12.2020 at 18:35, Aimeos | Norbert Sendetzky wrote:
> >
> > > On 01.12.20 at 18:24, Christoph M. Becker wrote:
> > >>
> > >>> In PHP 7, this returns FALSE:
> > >>>
> > >>> php -r 'var_dump(is_file("ab\0c"));'
> > >>>
> > >>> In PHP 8, the same code throws a ValueException. Problem is now that
> > >>> it's not possible to check upfront if the passed argument is a valid
> > >>> path to avoid the exception being thrown.
> > >>
> > >> This is only about the NUL byte in the filename. You can easily check
> > >> for that yourself. :)
> > >
> > > There may be other checks that will throw a ValueException. I'm not sure
> > > how it's implemented in detail because the filestat.c file doesn't
> > > throw an exception at all:
> >
> > The exception is thrown from inside the parameter parsing routines
> > (zend_parse_parameters() and friends). Internal functions differentiate
> > between string and path, whereas the latter is an arbitrary string which
> > does not contain NUL bytes.
> >
> > It would likely make sense to document that. OTOH, it's probably a good
> > idea to check (almost) all user input for NUL bytes.
>
> Would it not make more sense for something like is_file to have
> obvious sane behavior and simply return false itself? I don't
> understand the resistance to making it more difficult for a developer
> to screw something up.

So why is having is_file()/is_dir() throw a warning for the past 8 years
(since PHP 5.4) a non-issue? Because by that logic it shouldn't have been
emitting warnings either. Would it have been fine if this had been a
TypeError, as was originally intended? Is a warning fine because null bytes
indicate a potential attack, as in no sane context should null bytes be
passed around?

I don't personally *care* that it throws a ValueError, but why is this issue
only brought up *now* when it should have been shouting for 8 years? It is
either an indication of a bug or of something larger at play.

Best regards,

George P. Banyard
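The upfront check Christoph suggests, written out as an added example (it is not code from the thread or from php-src, and the function names are this example's own). It shows the two ways a caller can get PHP 7's `false` back from a NUL-containing path on PHP 8: reject NUL bytes before calling is_file(), or catch the ValueError that parameter parsing throws. The sample paths at the bottom are constructed for the demo.

```php
<?php
declare(strict_types=1);

// Added example, not code from the thread or from php-src. Wraps the
// NUL-byte check described in the thread so that callers get the PHP 7
// style `false` instead of the ValueError PHP 8 raises from
// zend_parse_parameters() for a "path" argument. Function names are
// this example's own.

/**
 * True only if $path is NUL-free and names a regular file.
 *
 * The C library stops reading a file name at the first NUL byte, so a
 * string such as "report.txt\0.php" can never name a real file. Rejecting
 * it before any filesystem call avoids PHP 8's ValueError and the warning
 * older versions emitted.
 */
function nul_free_is_file(string $path): bool
{
    if (strpos($path, "\0") !== false) {
        return false;
    }
    return is_file($path);
}

/**
 * Same contract, implemented by catching the error PHP 8 throws.
 * On PHP 7 the catch block is never reached: is_file() returns false
 * (a catch clause naming an unknown class is legal and simply never matches).
 */
function caught_is_file(string $path): bool
{
    try {
        return is_file($path);
    } catch (\ValueError $e) {
        return false;
    }
}

/**
 * Constructed inputs for a quick run: the thread's "ab\0c", a real file
 * (this script), a NUL-truncation style name of the kind that used to
 * defeat extension checks in C-backed APIs, and a path that does not exist.
 */
function demo(): array
{
    $samples = [
        "ab\0c",
        __FILE__,
        __FILE__ . "\0.jpg",
        __DIR__ . '/definitely-missing-' . bin2hex(random_bytes(4)),
    ];
    $results = [];
    foreach ($samples as $path) {
        // addcslashes() renders the NUL as "\000" so the key stays printable
        $results[addcslashes($path, "\0")] = [
            'nul_free_is_file' => nul_free_is_file($path),
            'caught_is_file'   => caught_is_file($path),
        ];
    }
    return $results;
}

if (PHP_SAPI === 'cli') {
    var_dump(demo());
}
```

Run it with `php example.php` on PHP 8: both wrappers report `false` for every NUL-containing sample and `true` only for `__FILE__`. Since the check lives in the parameter parser rather than in filestat.c, every internal function that declares a path parameter (is_dir(), file_exists(), fopen(), and so on) behaves the same way, which is why the strpos() check belongs at the input boundary, applied once to all user-supplied paths, rather than being repeated around each call.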