Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:112369 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 99259 invoked from network); 2 Dec 2020 12:53:46 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 2 Dec 2020 12:53:46 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 9B163180511 for ; Wed, 2 Dec 2020 04:21:26 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com [209.85.214.174]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 2 Dec 2020 04:21:25 -0800 (PST) Received: by mail-pl1-f174.google.com with SMTP id k5so1029583plt.6 for ; Wed, 02 Dec 2020 04:21:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=inkg/a9TzhSmSh1F4MNMon4SvYO08FNN/X5AObBH3xE=; b=TQC0WQqiX3GXVaXSGNn5xw7bhj86l8B+ZpWWvPDRHbwPdb2+wIMAQngwWQ0wOUJcf4 WZjROXmPPtqeCUZ2wt7lFX9qXxNzQmE5a9IoyeE0/N8lJevEy6A/Tn+ctOogJkEvZQLZ x61wEUoj8o4eU//fDsoPEj/wkjTLEeLeh8K5LWJw1xZo2iq3nV44e7LEvksITtrwvEv7 B3NfRXzWQ5ziKd+xKxOuVgxCUMCLignKbNz3ULtIEKgOk8WeZ26n8m7RQi6uXVp50GHr x5vTbJ4h5PVGIKIsbENJoBVRGQKLrcQeJzuf6gCmUctQZnoFbFHdDOTrPIQSxE6zoMfn Rnkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=inkg/a9TzhSmSh1F4MNMon4SvYO08FNN/X5AObBH3xE=; b=IEHI1EiVYxlYHkyX2+ajzJPsEQqtaGH6fy20tSJyCWYSIKhciQh04vNUS+iLXfOgt9 obl366quPnEKH+5HzgqYVD6EpZQskTcRuSIZlONcBLgMc8gvFoSj/U/Vw2/zL0RRmS7g woLUpNCJ4YamSDlRSbLoBk3J+lflG1OHXachRb75GBCGOmMZlI5QMY8EaL8hyWZsG+Hp D83yHpLGcP/alCmOlucGX4nDRjHnc5w00MUIFHrARlQ2Nfa/0+91pMSjVJCgZVQ/Suny GNTjQ/oErJqJ6PTgde23NjtTjds5p07o4siMXotx4EP5EAvbQMThX4p9LPF3tUWYC7I3 fn0g== X-Gm-Message-State: AOAM532+LvL+hcqTLnm4VvZwT5z+A5EEEXfvqaYAFIlB7Fg+IJasQKDR 9cpyBTV84qdw6k4Q7uGwgnuC6MO4MrW/fQE27fkV/oK49JG6hw== X-Google-Smtp-Source: ABdhPJx7OPTgsIMErbxzenyYsCmJRKY3eN/OevWAJzIzCzSbugOFPO1NiGtAKQhFUV/OtZQXTjTEepJyAdyvH7/UWG0= X-Received: by 2002:a17:902:b68a:b029:d8:d387:3d04 with SMTP id c10-20020a170902b68ab02900d8d3873d04mr2421139pls.62.1606911682192; Wed, 02 Dec 2020 04:21:22 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: Date: Wed, 2 Dec 2020 13:21:11 +0100 Message-ID: To: PHP internals Content-Type: text/plain; charset="UTF-8" Subject: Re: [PHP-DEV] Re: PHP 8 is_file/is_dir and imagecreatefromstring() From: divinity76@gmail.com (Hans Henrik Bergan) so.. will the imagecreatefromstring() thing be fixed in 8.0.1 or 8.1.0 ? On Wed, 2 Dec 2020 at 10:57, Nikita Popov wrote: > > On Wed, Dec 2, 2020 at 10:21 AM Aimeos | Norbert Sendetzky < > norbert@aimeos.com> wrote: > > > Am 01.12.20 um 18:24 schrieb Christoph M. Becker: > > > On 01.12.2020 at 18:18, Aimeos | Norbert Sendetzky wrote: > > > > > >> PHP 8 is stricter in checking input data then PHP 7. This is good but > > >> has some side effects for is_file(), is_dir() and similar functions when > > >> invalid paths are passed for checking. > > >> > > >> In PHP 7, this returns FALSE: > > >> > > >> php -r 'var_dump(is_file("ab\0c"));' > > >> > > >> In PHP 8, the same code throws a ValueException. Problem is now that > > >> it's not possible to check upfront if the passed argument is a valid > > >> path to avoid the exception being thrown. > > > > > > This is only about the NUL byte in the filename. You can easily check > > > for that yourself. :) > > > > If it's the only check that would throw a ValueException, then yes - > > even if I think that is_file() should only return true/false to avoid > > blown up code for checks that should be done by is_file(). > > > > Now have a look at GD imagecreatefromstring() which has almost the same > > issue. If you use: > > > > php -r 'var_dump(imagecreatefromstring('some data'));' > > > > you will get in PHP 7: > > > > PHP Warning: imagecreatefromstring(): Empty string or invalid image in > > Command line code on line 1 > > PHP Stack trace: > > PHP 1. {main}() Command line code:0 > > PHP 2. imagecreatefromstring() Command line code:1 > > Command line code:1: > > bool(false) > > > > and in PHP 8: > > > > PHP Fatal error: Uncaught ValueError: imagecreatefromstring(): Argument > > #1 ($data) cannot be empty in Command line code:1 > > Stack trace: > > #0 Command line code(1): imagecreatefromstring() > > #1 {main} > > thrown in Command line code on line 1 > > > > How would you check the string upfront to be a valid image to avoid the > > ValueException there? > > > > Also, the error in PHP 8 is wrong because the string isn't empty but not > > a valid image or not supported by GD. > > > > This was an implementation error, fixed in > https://github.com/php/php-src/commit/a89aaf6c386679492e814cfbb5790142e29692fe. > Thanks for the report! > > Nikita