PHP :: Bug #75379 :: Warning: finfo_file(): Null byte in regex in /root/php-src/bug/1.php on line 4

Bug #75379

Warning: finfo_file(): Null byte in regex in /root/php-src/bug/1.php on line 4

Submitted:

2017-10-15 08:09 UTC

Modified:

2017-10-15 09:22 UTC

Votes:	8
Avg. Score:	4.2 ± 0.8
Reproduced:	7 of 8 (87.5%)
Same Version:	3 (42.9%)
Same OS:	1 (14.3%)

From:

chipitsine at gmail dot com

Assigned:

Status:

Open

Package:

*General Issues

PHP Version:

Irrelevant

OS:

centos 7

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	chipitsine at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2017-10-15 08:09 UTC] chipitsine at gmail dot com

Description:
------------
when analyzing malware samples from VirusShare, I encountered a sample that fails on finfo_file

it's VirusShare_01ff33de3e8bdded777bdcabe1c983c1

I do not know how to upload it here

Test script:
---------------
$finfo = finfo_open(FILEINFO_MIME);
$type = finfo_file($finfo, __DIR__.'/VirusShare_01ff33de3e8bdded777bdcabe1c983c1');

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-10-15 08:11 UTC] chipitsine at gmail dot com

if someone wishes to get VirusShare_01ff33de3e8bdded777bdcabe1c983c1, please contact me, I'll provide

[2017-10-15 08:13 UTC] chipitsine at gmail dot com

full error message:

Warning: finfo_file(): Null byte in regex in /root/php-src/bug/1.php on line 4

Warning: finfo_file(): Failed identify data 0:(null) in /root/php-src/bug/1.php on line 4

[2017-10-15 08:51 UTC] spam2 at rhsoft dot net

how do you come to the crazy conclusion PHP version is irrelevant, you can't upload it here but you need to find a way upload it *somewhere* and place a link here - without reproducer and exact version no way to fix

if you are using the php shipped with RHEL you are completely wrong here because that's a no longer upstream maintained 5.4 and hence the redhat bugzilla.redhat.com is your friend

[2017-10-15 09:22 UTC] chipitsine at gmail dot com

I reproduced in master from https://github.com/php/php-src
it is 7.2-git-master, but I couldn't figure out how to choose that version in dropdown box

https://yadi.sk/d/F-bwoBFL3Nm6hS - password 'infected' (be careful, it's a malware sample for android)

[2019-11-14 18:00 UTC] bugzilla at shnoulle dot net

Can reproduce with a simple file (Tab separated value) file
With fedora/Linux PHP Version 7.3.11

File was in https://bugs.limesurvey.org/view.php?id=15565

vvexport_151625-1.csv

[2020-04-02 21:03 UTC] max at ytmnd dot com

I'm seeing "finfo::file(): Null byte in regex" multiple times daily with a variety of files being uploaded by users. Would love if anyone has a solution to this.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 12:01:31 2024 UTC