|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #43491 Under certain conditions, file_exists() never returns
Submitted: 2007-12-04 00:19 UTC Modified: 2008-01-29 14:25 UTC
From: amccardie at cox dot net Assigned: dmitry
Status: Closed Package: Filesystem function related
PHP Version: 5.2-CVS-2007-12-05 OS: Windows 2003 SP2
Private report: No CVE-ID:
 [2007-12-04 00:19 UTC] amccardie at cox dot net
When open_basedir is set in php.ini, file_exists() will never return if called with an argument containing a ":/" or ":\\" without a corresponding drive letter.


file_exists("C:/foo.txt") => works
file_exists("C:\\foo.txt") => works

file_exists(":/foo.txt") never returns.
file_exists(":\\foo.txt") never returns.

Tested under Windows 2003 Server with SP2 and Windows XP Pro, both using Apache 2.2.6/mod_php. 

Reproduce code:
copy php.ini-dist to php.ini
set open_basedir = C:/

//Should print "no"
print file_exists("C:/foo.txt")?"yes\n":"no\n";

//Should also print "no" but never returns,
//causing high CPU, if open_basedir is set
print file_exists(":/foo.txt")?"yes\n":"no\n";

Expected result:

Actual result:
file_exists() call never returns


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2007-12-04 16:00 UTC] amccardie at cox dot net
As suggested, I tried the latest snapshot. I see the same results as described above. BTW, this happens with the CLI as well as mod_php.
 [2007-12-05 11:03 UTC]
So it just hangs there or what? (script never ends)

 [2007-12-05 15:25 UTC] amccardie at cox dot net
Exactly. The script hangs at the call to file_exists().

Also, using the CLI, the php.exe process goes to 99% CPU time. When it happens with mod_php, the httpd.exe process hogs the CPU.
 [2008-01-29 14:25 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Fri Nov 27 06:02:02 2015 UTC