PHP :: Bug #66095 :: Bundled libmagic has public symbols and conflicts with system libmagic

Bug #66095

Bundled libmagic has public symbols and conflicts with system libmagic

Submitted:

2013-11-14 13:58 UTC

Modified:

2016-08-26 13:37 UTC

Votes:	18
Avg. Score:	4.6 ± 0.7
Reproduced:	18 of 18 (100.0%)
Same Version:	4 (22.2%)
Same OS:	14 (77.8%)

From:

vitalif at mail dot ru

Assigned:

Status:

Open

Package:

Unknown/Other Function

PHP Version:

5.5.6

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	vitalif at mail dot ru
New email:
PHP Version:		OS:

New/Additional Comment:

[2013-11-14 13:58 UTC] vitalif at mail dot ru

Description:
------------
In the PHP fileinfo extension, there is a bundled libmagic with public symbols.

So when the fileinfo extension is loaded (either as a shared object or when built into PHP itself) - it can conflict with system libmagic.

The conflict appears when you have different system libmagic version, and when you load PHP module into Apache along with some other Apache module that uses libmagic, for example - mod_dav_svn (Subversion DAV server). The result depends on the loading order:
* If libphp5.so (or fileinfo.so) is loaded first, then Subversion gets incorrect libmagic symbols and crashes
* If mod_dav_svn is loaded first, then PHP fileinfo gets incorrect libmagic symbols and also crashes

The bundled extension should have ALL libmagic symbols declared as static. It can be achieved via overriding 'public/protected' macros in libmagic code and including all libmagic sources into fileinfo.c instead of compiling and linking them separately. (See the attached patch)

Patches

libmagic-static-symbols (last revision 2013-11-14 14:00 UTC by vitalif at mail dot ru)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-02-25 19:16 UTC] devurandom at gmx dot net

I can reproduce this using PHP 5.5.9 on Apache 2.4.7.

See-Also: https://github.com/jappix/jappix/issues/417

[2014-02-25 19:24 UTC] devurandom at gmx dot net

See-Also: https://bugs.php.net/bug.php?id=54241

[2014-12-28 13:55 UTC] rossi dot f at inwind dot it

First of all I'm experiencing the same problem with my system, I'm using PHP 5.5.20 and apache 2.2.27 with an external libmagic (version 5.21). Up to now the only way to survive has been to keep the system libmagic at version 5.11 but this has implications on the secuiry!

Is there any PHP developer thinking about how to solve this issue?

I have tried to apply the patch here proposed but it doesn't seem to work because I get errors when compiling the code, see the attached log.

[2014-12-28 14:01 UTC] rossi dot f at inwind dot it

I cannot find a way to upload the full log, here is a short piece:

ext/fileinfo/libmagic/.libs/apprentice.o:(.rodata+0x0): multiple definition of `php_magic_database'
ext/fileinfo/.libs/fileinfo.o:(.rodata+0xe00): first defined here
ext/fileinfo/libmagic/.libs/apprentice.o:(.rodata+0x27c590): multiple definition of `file_nnames'
ext/fileinfo/.libs/fileinfo.o:(.rodata+0x27d390): first defined here
ext/fileinfo/libmagic/.libs/apprentice.o:(.rodata+0x27c598): multiple definition of `file_nformats'
ext/fileinfo/.libs/fileinfo.o:(.rodata+0x27d398): first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_tole2':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:159: multiple definition of `cdf_tole2'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:159: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_tole4':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:165: multiple definition of `cdf_tole4'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:165: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_tole8':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:171: multiple definition of `cdf_tole8'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:171: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_swap_header':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:179: multiple definition of `cdf_swap_header'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:179: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `memcpy':
/usr/include/bits/string3.h:51: multiple definition of `cdf_unpack_header'
ext/fileinfo/.libs/fileinfo.o:/usr/include/bits/string3.h:51: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_swap_dir':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:232: multiple definition of `cdf_swap_dir'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:232: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_swap_class':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:248: multiple definition of `cdf_swap_class'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:248: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `memcpy':
/usr/include/bits/string3.h:51: multiple definition of `cdf_unpack_dir'
ext/fileinfo/.libs/fileinfo.o:/usr/include/bits/string3.h:51: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_header':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:322: multiple definition of `cdf_read_header'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:322: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_sector':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:356: multiple definition of `cdf_read_sector'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:356: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_short_sector':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:366: multiple definition of `cdf_read_short_sector'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:366: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_sat':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:386: multiple definition of `cdf_read_sat'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:386: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_count_chain':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:473: multiple definition of `cdf_count_chain'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:473: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_long_sector_chain':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:498: multiple definition of `cdf_read_long_sector_chain'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:498: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_short_sector_chain':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:545: multiple definition of `cdf_read_short_sector_chain'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:545: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_sector_chain':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:587: multiple definition of `cdf_read_sector_chain'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:587: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_dir':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:599: multiple definition of `cdf_read_dir'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:599: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_ssat':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:653: multiple definition of `cdf_read_ssat'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:653: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_short_stream':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:699: multiple definition of `cdf_read_short_stream'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:699: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_summary_info':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:734: multiple definition of `cdf_read_summary_info'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:734: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_read_property_info':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:758: multiple definition of `cdf_read_property_info'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:758: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_unpack_summary_info':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:957: multiple definition of `cdf_unpack_summary_info'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:957: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_print_classid':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:987: multiple definition of `cdf_print_classid'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:987: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_print_property_name':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:1023: multiple definition of `cdf_print_property_name'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:1023: first defined here
ext/fileinfo/libmagic/.libs/cdf.o: In function `cdf_print_elapsed_time':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:1034: multiple definition of `cdf_print_elapsed_time'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf.c:1034: first defined here
ext/fileinfo/libmagic/.libs/cdf_time.o: In function `cdf_timestamp_to_timespec':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:109: multiple definition of `cdf_timestamp_to_timespec'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:109: first defined here
ext/fileinfo/libmagic/.libs/cdf_time.o: In function `cdf_timespec_to_timestamp':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:167: multiple definition of `cdf_timespec_to_timestamp'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:167: first defined here
ext/fileinfo/libmagic/.libs/cdf_time.o: In function `cdf_ctime':
/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:171: multiple definition of `cdf_ctime'
ext/fileinfo/.libs/fileinfo.o:/var/tmp/portage/dev-lang/php-5.5.20/work/sapis-build/cli/ext/fileinfo/libmagic/cdf_time.c:171: first defined here
collect2: error: ld returned 1 exit status
Makefile:266: recipe for target 'sapi/cli/php' failed
make: *** [sapi/cli/php] Error 1

[2016-08-26 13:37 UTC] cmb@php.net

-Package: Filesystem function related +Package: Unknown/Other Function

[2019-09-11 14:00 UTC] info at rickvanderzwet dot nl

Still relevant at FreeBSD 11.3-RELEASE. 

Software versions:
  - www/mod_dav_svn 1.12.2
  - sysutils/php72-fileinfo 7.2.22
  - www/apache24 - 2.4.41


Simple test case:
shell# echo "This is a dummy file" > /tmp/foo.txt

Running code served by apache:
<?php
  $fi = finfo_open(FILEINFO_MIME);
  echo finfo_file($fi, '/tmp/foo.txt');
php>

Running the code with mod_dav_svn enabled will cause the execution to fail. Disabling mod_dav_svn will execute correctly. Rationale also explained in FreeBSD PR report:
   https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195562

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Nov 22 05:01:29 2024 UTC