php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #66395 basename function doesn't remove drive letter
Submitted: 2014-01-03 07:12 UTC Modified: 2014-01-05 18:30 UTC
Votes:1
Avg. Score:1.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: php at tokumaru dot org Assigned: ab (profile)
Status: Closed Package: Filesystem function related
PHP Version: 5.5.7 OS: Windows
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php at tokumaru dot org
New email:
PHP Version: OS:

 

 [2014-01-03 07:12 UTC] php at tokumaru dot org
Description:
------------
basename function doesn't remove drive letter(example C:) on WIndows.
if path includes directory separator characters('\' or '/'), basename function returns trailing name component of path.
But, if path doesn't include directory separator characters, basename function returns file name with drive letter.


Test script:
---------------
echo basename('c:autoexec.bat');

Expected result:
----------------
autoexec.bat

Actual result:
--------------
c:autoexec.bat

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-01-03 21:46 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=46f60fae22b420320f3616e00928d70706cf4f4c
Log: Fixed bug #66395 basename function doesn't remove drive letter
 [2014-01-03 21:46 UTC] ab@php.net
-Status: Open +Status: Closed
 [2014-01-03 22:09 UTC] ab@php.net
-Assigned To: +Assigned To: ab
 [2014-01-03 22:09 UTC] ab@php.net
Fixed according to the docs http://msdn.microsoft.com/en-us/library/aa365247(VS.85).aspx
Please test also 5.4 if possible, the fix will be soon available for tests http://windows.php.net/downloads/snaps/

Thanks
 [2014-01-04 01:28 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=46f60fae22b420320f3616e00928d70706cf4f4c
Log: Fixed bug #66395 basename function doesn't remove drive letter
 [2014-01-05 12:46 UTC] php at tokumaru dot org
Thank you for the the bug fix.
However, this bug fix still has a problem.
The new basename function returns "c:autoexec.bat" for "c:c:autoexec.bat".
Basename function is used for directory traversal attack protection, so this behavior is not good.
The colon character(:) in NTFS file name is used to express NTFS stream, but PHP cannot treat NTFS streams.
Therefore, I think that the colon character(:) should be treated in the same way as a slash(/) and a backslash(\).
 [2014-01-05 18:30 UTC] ab@php.net
Thanks very much for staying on this, further fix is applied to 5.4+ http://git.php.net/?p=php-src.git;a=commitdiff;h=3f7f72adb25786f51e7907e0d37f2e25bd5cf3dd . Your traversal idea is brilliant :)

Btw. PHP can read NTFS streams, I didn't check the code yet, but a small snippet like basename("c:/somewhere/hello:world") worked in 5.4 . That's why it were wrong to handle ':' as directory separator. The implementation always checks for X:, char+colon therefore.

Thanks.
 [2014-10-07 23:16 UTC] stas@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=46f60fae22b420320f3616e00928d70706cf4f4c
Log: Fixed bug #66395 basename function doesn't remove drive letter
 [2014-10-07 23:27 UTC] stas@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=46f60fae22b420320f3616e00928d70706cf4f4c
Log: Fixed bug #66395 basename function doesn't remove drive letter
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 19:01:28 2024 UTC