PHP :: Bug #31054 :: [PATCH] include_path is not traversed fully when open

Bug #31054

[PATCH] include_path is not traversed fully when open_basedir nonmatching

Submitted:

2004-12-10 16:14 UTC

Modified:

2005-06-20 17:59 UTC

Votes:	4
Avg. Score:	4.8 ± 0.4
Reproduced:	3 of 3 (100.0%)
Same Version:	1 (33.3%)
Same OS:	1 (33.3%)

From:

kameshj at fastmail dot fm

Assigned:

Status:

Closed

Package:

Safe Mode/open_basedir

PHP Version:

5CVS-2005-03-06

OS:

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	kameshj at fastmail dot fm
New email:
PHP Version:		OS:

New Comment:

[2004-12-10 16:14 UTC] kameshj at fastmail dot fm

Description:
------------
include_path is not traversed fully when open_basedir have a nonmatching entries with respect to include_path entries matching from the beginning.
For example:
include_path=/kameshj:/usr/local/lib/php/includes
open_base_dir=/mageshj:/usr/local/lib/php/includes
Even though I have "include.php" under /usr/local/lib/php/includes and /usr/local/lib/php/includes is also under open_basedir include fails because of open_basedir check.

Analysed the cause and found the cause to be 
_php_stream_fopen_with_path in 
php-src/main/streams/plain_wrapper.c

In this function 
php_check_open_basedir is called for each include_path_entry/filename if for any of the include_path it fails further include_path is not tried at all.

Attaching the patch at 
http://puggy.symonds.net/~kameshj/incpath.patch

Reproduce code:
---------------
main.php
<?php
echo __FILE__;
echo "\n";
include(include.php);
echo "\n";
?>
include.php
<?php
echo __FILE__;
?>
Keep this include.php in a second entry the include path for example keep this include.php in /my/inc and have include_path as "/non/existent:/my/inc"
Make sure this "/non/existent" is not present in open_basedir and run main.php.

Expected result:
----------------
main.php should include 'include.php' successfully.

Actual result:
--------------
You will get a include failure message and whole host of open_basedir failure messages.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-03-04 16:18 UTC] kameshj at fastmail dot fm

This is reproducible with both php-5.0.4-dev as well as php-5.1.0-dev.

[2005-06-20 17:59 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 12:01:29 2024 UTC