|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2005-06-14 02:47 UTC] iliaa@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Jan 02 12:01:29 2025 UTC |
Description: ------------ I couldnt find anyone who has reported this before, but there is a big leak with the readdir function. I was playing with the code and found that you can use is to read the root directory, or any dir for that matter, that is a security risk!!!!!! here is the code - Hope this helps fix the problem. Reproduce code: --------------- function GetDirContents($dir){ ini_set("max_execution_time",10); if (!is_dir($dir)){die ("OOps");} if ($root=@opendir($dir)){ while ($file=readdir($root)){ if($file=="." || $file==".."){continue;} $files[]=$dir.$file; for($x=0; $x<sizeof($files);$x++) print $files[$x]<br>"; } } return $files; } Expected result: ---------------- It will print all of the directories and files depending on the input.(even the root!!!) Actual result: -------------- It will print all of the directories and files depending on the input.(even the root!!!)