php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25746 broken getcwd causes bailout and empty response body
Submitted: 2003-10-03 11:49 UTC Modified: 2003-10-08 22:56 UTC
From: neilus at dcs dot kcl dot ac dot uk Assigned:
Status: Closed Package: Apache related
PHP Version: 4.3.3 OS: Solaris
Private report: No CVE-ID:
 [2003-10-03 11:49 UTC] neilus at dcs dot kcl dot ac dot uk
Description:
------------
The fix for bug #21310 introduced:
#if HAVE_BROKEN_GETCWD
                        /* this looks nasty to me */
                        old_cwd_fd = open(".", 0);
                        if (old_cwd_fd == -1) {
                                zend_bailout();
                        }

into php_execute_script in main/main.c.

If PHP does not have read permissions on the cwd, it bails out and the client gets an empty response body.

This is a particular problem if the last request has chdir'd the web server to such a directory. Apache does this when you request a file that uses server side includes.

Reproduce code:
---------------
# mkdir -m 711 /tmp/abc
# cd /tmp/abc
# httpd -X
$ wget -q -O - http://localhost/content.php

# httpd -X
$ wget -q -O - http://localhost/no_read_perms/content.shtml
$ wget -q -O - http://localhost/content.php


Expected result:
----------------
$ wget -q -O - http://localhost/content.php
  ...
$

$ wget -q -O - http://localhost/no_read_perms/content.shtml
  ...
$ wget -q -O - http://localhost/content.php
  ...
$


Actual result:
--------------
$ wget -q -O - http://localhost/content.php
$

$ wget -q -O - http://localhost/no_read_perms/content.shtml
  ...
$ wget -q -O - http://localhost/content.php
$


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-10-08 22:56 UTC] iliaa@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 15:02:26 2014 UTC