PHP :: Bug #37236 :: move_uploaded_file() does not work when "upload_tmp

Bug #37236

move_uploaded_file() does not work when "upload_tmp_dir" is other fs than dest

Submitted:

2006-04-28 11:31 UTC

Modified:

2006-11-09 18:00 UTC

Votes:	22
Avg. Score:	4.9 ± 0.3
Reproduced:	19 of 19 (100.0%)
Same Version:	13 (68.4%)
Same OS:	10 (52.6%)

From:

youza at post dot cz

Assigned:

iliaa (profile)

Status:

Closed

Package:

*Directory/Filesystem functions

PHP Version:

5.1.4, 4.4.2

OS:

fedora core 4

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	youza at post dot cz
New email:
PHP Version:		OS:

New Comment:

[2006-04-28 11:31 UTC] youza at post dot cz

Description:
------------
Function move_uploaded_file()  work fine in
php4-STABLE-200602010935.tar.gz

but not work in last php4-STABLE-200604281030.tar.gz
the code www page, directory structure and permission  and apache, configuration is the same.

Error message:

[28-Apr-2006 12:28:16] PHP Warning:  move_uploaded_file(): open_basedir restriction in effect. File(/tmp/php0FDyAV) is not within the allowed path(s): (/my/web/path) in /my/web/path/upload/upload.php on line 53
[28-Apr-2006 12:28:16] PHP Warning:  move_uploaded_file(/tmp/php0FDyAV): failed to open stream: Operation not permitted in /my/web/path/upload/upload.php on line 53
[28-Apr-2006 12:28:16] PHP Warning:  move_uploaded_file(): Unable to move '/tmp/php0FDyAV' to 'upload/php0FDyAV' in /my/web/path/upload/upload.php on line 53

How is problem  in  ext/standard/file.c ???

the chages:
http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/file.c?r1=1.279.2.70.2.6&r2=1.279.2.70.2.7&pathrev=PHP_4_4



Reproduce code:
---------------
move_uploaded_file($file, $destination);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-05-09 13:24 UTC] 0602 at eq dot cz

Hi, the same here with 5.1.4. The problem in 5.1.4 sources is here: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/file.c?r1=1.409.2.5&r2=1.409.2.6 - commited by iliaa. When 'upload_tmp_dir' is on a different filesystem then the destination file, the code in move_uploaded_file fails on rename and then tries php_copy_file, which after the iliaa's commit checks also the source path for open_basedir restriction. The obvious workaround for this bug is to reconfigure upload_tmp_dir to be on the same fs as the destination.

[2006-07-23 12:27 UTC] sniper@php.net

Sara, anything new about this?

[2006-08-04 07:36 UTC] youza at post dot cz

Other details:
if upload_tmp_dir is on a different filesystem then the
destination file, the function move_uploaded_file (for
PHP  4.4.2) - work fine and  the destination file  has permission  -rw-rw-r--  UID/GID apache/apache
( apache process started witch umask 0002  ).
But   upload_tmp_dir  is on a
the same filesystem then the destination file, permission
for new destination file is  -rw-------  UID/GID apache/apache !!!!
( tested PHP 4.4.2, PHP 5.1.4 ) The permissions is incorrect
users in apache group will not have access to this files.

Diferent permission depending to the  upload_tmp_dir and filesystem location not correct.

[2006-10-16 15:12 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

[2006-10-23 07:46 UTC] youza at post dot cz

I can find this fix in CVS for 4.4.4 ?

[2006-10-23 07:49 UTC] youza at post dot cz

Sorry,  I cannot  find this fix in CVS for 4.4.4 ?

[2006-11-06 09:22 UTC] youza at post dot cz

Hello,
please i cannot find the fix in 4.4.4 CVS, please help me.
Is this bug fixed in the 4.4.4(5) CVS ?
Sorry if  my question is irrelevant.

[2006-11-09 18:00 UTC] iliaa@php.net

The fix is in PHP 4, however it will only work if your upload 
dir is within open_basedir or open_basedir is disabled. On 
PHP5 this is a non-issue, however this part of a patch cannot 
be backported due to BC issues.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Feb 05 06:01:32 2025 UTC