php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #53352 open_basedir does not pass through files with matching path
Submitted: 2010-11-19 09:53 UTC Modified: 2010-11-24 10:17 UTC
From: dmitrij at stepanov dot lv Assigned: pajoye (profile)
Status: Closed Package: Safe Mode/open_basedir
PHP Version: 5.3SVN-2010-11-19 (SVN) OS: Windows 7
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dmitrij at stepanov dot lv
New email:
PHP Version: OS:

 

 [2010-11-19 09:53 UTC] dmitrij at stepanov dot lv 
Description:
------------
Right after installing PHP 5.3.4RC1 i get the following error:

[19-Nov-2010 08:47:47] PHP Warning:  Unknown: open_basedir restriction in effect. File(C:\Users\Dmitry\Repo\InnoForce\AMD\trunc\01_Code\public_html\index.php) is not within the allowed path(s): (C:/Users/Dmitry/Repo/InnoForce/AMD/trunc/01_Code/;C:/Windows/Temp) in Unknown on line 0

[19-Nov-2010 08:47:47] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0

[19-Nov-2010 08:47:47] PHP Fatal error:  Unknown: Failed opening required 'C:/Users/Dmitry/Repo/InnoForce/AMD/trunc/01_Code/public_html/index.php' (include_path='.;C:\php5\pear') in Unknown on line 0

It was working with PHP 5.3.3.

Test script:
---------------
# open_basedir in apache config
php_admin_value open_basedir "C:/Users/Dmitry/Repo/InnoForce/AMD/trunc/01_Code/;C:/Windows/Temp"


Expected result:
----------------
No errors

Actual result:
--------------
[19-Nov-2010 08:47:47] PHP Warning:  Unknown: open_basedir restriction in effect. File(C:\Users\Dmitry\Repo\InnoForce\AMD\trunc\01_Code\public_html\index.php) is not within the allowed path(s): (C:/Users/Dmitry/Repo/InnoForce/AMD/trunc/01_Code/;C:/Windows/Temp) in Unknown on line 0

[19-Nov-2010 08:47:47] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0

[19-Nov-2010 08:47:47] PHP Fatal error:  Unknown: Failed opening required 'C:/Users/Dmitry/Repo/InnoForce/AMD/trunc/01_Code/public_html/index.php' (include_path='.;C:\php5\pear') in Unknown on line 0

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-19 13:41 UTC] pajoye@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: pajoye
 [2010-11-23 23:14 UTC] pajoye@php.net 
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=305698
Log: - fixed #53352
 [2010-11-23 23:16 UTC] pajoye@php.net
-Status: Assigned +Status: Feedback
 [2010-11-23 23:16 UTC] pajoye@php.net 
Fixed in trunk and 5.3

please try using a snapshot.You can fetch a snapshot of trunk or 5.3 here:

http://rmtools.php.net/snaps/

Fetch a snap equal or superior to r305698 (should show up shortly).
 [2010-11-24 07:24 UTC] dmitrij at stepanov dot lv 
Still see no snap at http://rmtools.php.net/snaps/ that is superior to r305698. Once it's there, I will reply with the results.
 [2010-11-24 09:59 UTC] pajoye@php.net 
Superior or equal to r305698, the r305698 is there :)
 [2010-11-24 10:09 UTC] dmitrij at stepanov dot lv 
Sorry, my bad. Missed the "equal or" opcode :)

r305698 works fine, issue is gone. Thanks.
 [2010-11-24 10:17 UTC] pajoye@php.net
-Status: Feedback +Status: Closed
 [2010-11-24 10:17 UTC] pajoye@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 [2010-12-09 18:04 UTC] pajoye@php.net 
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=306136
Log: - missing merge fix for #53352
 [2010-12-20 18:18 UTC] lekensteyn at gmail dot com 
Please see bug #53577 (marked as dupe), the patch provided was incomplete.

Direct link to the patch:
http://bugs.php.net/patch-display.php?bug_id=53577&patch=open_basedir-trailing-slash-fix-PHP_5_3&revision=latest
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 20:01:29 2024 UTC