PHP :: Bug #45151 :: Crash with URI/file..php (filename contains 2 dots)

Bug #45151	Crash with URI/file..php (filename contains 2 dots)
Submitted:	2008-06-02 19:20 UTC	Modified:	2008-07-15 13:39 UTC
From:	giedrius at su dot lt	Assigned:	dmitry (profile)
Status:	Closed	Package:	CGI/CLI related
PHP Version:	5.2.6	OS:	Linux 2.6
Private report:	No	CVE-ID:	None

View Developer Edit

[2008-06-02 19:20 UTC] giedrius at su dot lt

Description:
------------
PHP SEGfaults when opening file..php
PHP(FastCGI SAPI) is invoked via suphp
running php-cgi binary manually does NOT trigger segfault

For the moment managed to fix this by replacing ".." directory 
protection to "../"


Expected result:
----------------
parse the file

Actual result:
--------------
segfaults

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-06-02 19:22 UTC] giedrius at su dot lt

Fixed by replacing ".." to "../" in sapi/cgi/cgi_main.c
for directory protection in url

[2008-07-11 16:27 UTC] jani@php.net

Dmitry, can you check this out please?

[2008-07-15 13:39 UTC] dmitry@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Mar 04 06:01:27 2025 UTC