Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:4632
Return-Path: <tvrtko@croadria.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 69077 invoked by uid 1010); 1 Oct 2003 08:32:11 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 69023 invoked by uid 1007); 1 Oct 2003 08:32:11 -0000
Message-ID: <20031001083211.69022.qmail@pb1.pair.com>
To: internals@lists.php.net
Date: Wed, 01 Oct 2003 10:34:40 +0200
Lines: 51
User-Agent: KNode/0.7.2
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="nextPart1459531.kTQQqxai0a"
Content-Transfer-Encoding: 7Bit
X-Posted-By: 195.29.186.252
Subject: About Bug #14049 and more
From: tvrtko@croadria.com (Tvrtko Ursulin)

--nextPart1459531.kTQQqxai0a
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8Bit


Hello,

I see that in 4.3.4RC1 this bug is fixed. Can someone please give me a hint
where to find the patch only for that one?

I investigated a little because some time ago I made a patch that solves the
following problem.

Explanation:

When open_basedir is in effect the following operation fails because of
open_basedir restriction which I think is wrong:

fopen("path/exists/file_doesnt","w");

It should not fail, or maybe with EACCESS if appropriate.

So my patch (attached) makes sure that realpath successfully resolves
non-existent paths. It does so by checking errno after realpath call, and
in case it is ENOENT, it ignores the error.

Can anybody comment on this?

--nextPart1459531.kTQQqxai0a
Content-Type: text/x-diff; name="php-4.3.3-basedir-symlinks.patch"
Content-Transfer-Encoding: 8Bit
Content-Disposition: attachment; filename="php-4.3.3-basedir-symlinks.patch"

diff -Naur php-4.3.3-orig/TSRM/tsrm_virtual_cwd.c php-4.3.3/TSRM/tsrm_virtual_cwd.c
--- php-4.3.3-orig/TSRM/tsrm_virtual_cwd.c	2003-07-28 20:35:34.000000000 +0200
+++ php-4.3.3/TSRM/tsrm_virtual_cwd.c	2003-09-25 17:08:27.000000000 +0200
@@ -307,10 +307,13 @@
 	 * This can happen under solaris when a dir does not have read permissions
 	 * but *does* have execute permissions */
 	if (IS_ABSOLUTE_PATH(path, path_length) || (state->cwd_length < 1)) {
-		if (use_realpath && realpath(path, resolved_path)) {
-			path = resolved_path;
-			path_length = strlen(path);
-		}
+                if (use_realpath) {
+                        char *rc = realpath(path, resolved_path);
+                        if ( rc || errno == ENOENT ) {
+                                path = resolved_path;
+                                path_length = strlen(path);
+                        }
+                }
 	} else { /* Concat current directory with relative path and then run realpath() on it */
 		char *tmp;
 		char *ptr;

--nextPart1459531.kTQQqxai0a--