PHP :: Bug #7475 :: Temporary file leak when zero-byte files are uploaded

Bug #7475	Temporary file leak when zero-byte files are uploaded
Submitted:	2000-10-26 00:30 UTC	Modified:	2000-10-30 10:34 UTC
From:	jr-php at quo dot to	Assigned:
Status:	Closed	Package:	Unknown/Other Function
PHP Version:	4.0.3pl1	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	jr-php at quo dot to
New email:
PHP Version:		OS:

New Comment:

[2000-10-26 00:30 UTC] jr-php at quo dot to

If "FILE1" is a posted file and it is zero bytes in length, the following code will die with a "Failed - none" message:

$tmpfile = $HTTP_POST_FILES["FILE1"]["tmp_name"];
if (!is_uploaded_file($tmpfile)) {
	die ("Failed - " . $tmpfile);
}

Not only does it fail, it leaves a zero-byte "php" temporary file behind in /tmp.

But if the file is non-zero in length, it does not fail, and the temporary file is automatically deleted at exit.

I can reproduce this with IE 4.01sp1, IE 5.5, and Netscape 4.75. My HTML which calls the upload script looks like this:

<form method="POST" action="/doupload.php" ENCTYPE="multipart/form-data">
<input type=file name="FILE1" size=60>
<input type=submit value="Upload File">
</form>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-10-30 10:34 UTC] stas@php.net

Should be fixed in CVS. Please reopen if stil happens.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Dec 22 02:01:28 2024 UTC