php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42832 scandir() fails unless user has permissions in the parent directory
Submitted: 2007-10-02 17:57 UTC Modified: 2010-01-25 19:56 UTC
Votes:4
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:2 (66.7%)
From: jmboyd at bluebottle dot com Assigned: pajoye (profile)
Status: Closed Package: Directory function related
PHP Version: 5.2CVS-2008-08-25 OS: win32 only - Windows 2000/XP
Private report: No CVE-ID: None
 [2007-10-02 17:57 UTC] jmboyd at bluebottle dot com
Description:
------------
A user must have permissions for a directory's parent in order to scan it with scandir.  If the user does not have permissions (for instance, user has "Full Control" over the subdir but is not in the parent's ACL at all), php fails with a "failed to open dir: Bad file descriptor" error followed by a "(errno 9): Bad file descriptor" error.

Based on the quick test in the "Actual results" box below, this bug seems to have arrived between 5.2.1 and 5.2.2.  No php.ini is in use in any of the tests.

Reproduce code:
---------------
Any use of scandir will work, here's a quick one to do from the command line, after cding to the subdir:

php -r "foreach(scandir('.') as $f) { echo($f); }"

Expected result:
----------------
The subdirectory's filenames (all run together):

...file1.txtfile2.txtfile3.txt

Actual result:
--------------
C:\>cd \parentdir
Access is denied.

C:\>cd \parentdir\subdir

C:\parentdir\subdir>dir /B
file1.txt
file2.txt
file3.txt

C:\parentdir\subdir>\php521\php -r "foreach(scandir('.') as $f) { echo($f); }"
...file1.txtfile2.txtfile3.txt
C:\parentdir\subdir>\php522\php -r "foreach(scandir('.') as $f) { echo($f); }"

Warning: scandir(.): failed to open dir: Bad file descriptor in Command line code on line 1

Warning: scandir(): (errno 9): Bad file descriptor in Command line code on line 1

Warning: Invalid argument supplied for foreach() in Command line code on line 1

C:\parentdir\subdir>\php524\php -r "foreach(scandir('.') as $f) { echo($f); }"

Warning: scandir(.): failed to open dir: Bad file descriptor in Command line code on line 1

Warning: scandir(): (errno 9): Bad file descriptor in Command line code on line 1

Warning: Invalid argument supplied for foreach() in Command line code on line 1

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-10-04 01:59 UTC] jmboyd at bluebottle dot com
Same result with the snapshot (from 03 Oct 2007 20:09:47):

C:\parentdir\subdir>\php525dev\php -r "foreach(scandir('.') as $f) { echo($f); }"

Warning: scandir(.): failed to open dir: Bad file descriptor in Command line code on line 1

Warning: scandir(): (errno 9): Bad file descriptor in Command line code on line 1

Warning: Invalid argument supplied for foreach() in Command line code on line 1
 [2008-08-18 17:54 UTC] jmboyd at bluebottle dot com
Same result with the snapshot (from Mon, 18 Aug 2008 14:03:00 -0400):

C:\parentdir\subdir>\php53dev\php -r "foreach(scandir('.') as $f) {echo($f); }"

Warning: scandir(.): failed to open dir: Bad file descriptor in Command line code on line 1

Warning: scandir(): (errno 9): Bad file descriptor in Command line code on line 1

Warning: Invalid argument supplied for foreach() in Command line code on line 1
 [2008-08-25 14:56 UTC] jmboyd at bluebottle dot com
Hey, I did provide feedback!  Lousy robot.

Just tried it again with the latest 5.3.0alpha2-dev build stamped Mon, 25 Aug 2008 10:05:33 -0400, same result.  I can post the output if needed, but it's exactly the same as the 18 Aug 5:54pm UTC comment above.
 [2008-10-27 13:45 UTC] jani@php.net
Assigned to the windows port maintainer.
 [2009-03-02 19:06 UTC] pajoye@php.net
Tested on Win 2008 and Vista:

C:\tmp\test\l2>cd ..
Access is denied.

C:\tmp\test\l2>\tmp\php530ntsvc9\php.exe \tmp\php530ntsvc9\acl.php
.
..


C:\tmp\test\l2>C:\Users\pierre\Documents\test\php53nts\php.exe \tmp\php530ntsvc9
\acl.php
.
..


I saw in your test that you called two times the script, the first run works, is it a copy/paste error or does it actually work in the 1st pass?
 [2009-03-16 19:09 UTC] jmboyd at bluebottle dot com
Just tested with the newest 5.2.9-1 win32 binaries under XP (no longer have Win2k handy to test with) and the behavior is still the same.

My initial test shows the script running twice to help show when the bug landed -- using php 5.2.1 there is no problem, but starting with version 5.2.2 the bug appears.
 [2009-06-03 20:29 UTC] garretts at microsoft dot com
I've tested this for 
   PHP5.3-dev (today's snapshot)
   PHP5.2.9-1
on  
   Windows 2003, 
   Windows Vista, 
   Windows 7,

and it performs as expected (able to find files in subdirectory where parent is ACL'd to deny). 

I don't have a XP box handy, I'll see if I can't spin up an XP VM in the next day or two.

jmboyd: What Service Pack level are you running on Windows XP


G
 [2009-06-20 11:40 UTC] pajoye@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

or 5.3.0RC4
 [2009-06-28 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2010-01-25 19:56 UTC] pajoye@php.net
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php


 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Tue Nov 13 15:01:27 2018 UTC