php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68861 chown does not work when php is compiling with ZTS
Submitted: 2015-01-20 13:06 UTC Modified: 2021-09-22 11:54 UTC
Votes:10
Avg. Score:4.1 ± 0.7
Reproduced:10 of 10 (100.0%)
Same Version:3 (30.0%)
Same OS:10 (100.0%)
From: lg at efficientip dot com Assigned:
Status: Verified Package: Filesystem function related
PHP Version: 5.6.4 OS: FreeBSD
Private report: No CVE-ID: None
 [2015-01-20 13:06 UTC] lg at efficientip dot com
Description:
------------
chown() does not work when PHP is compiling with ZTS on FreeBSD, In fact sysconf(_SC_GETGR_R_SIZE_MAX) may return -1 if there is no hard limit on the size of the buffer needed to store all the groups returned.


Test script:
---------------
<?php

exec('touch /tmp/test')
chown('/tmp/test', 'www');

?>


Expected result:
----------------
root:/tmp # php test.php
root:/tmp # ls -l /tmp/test
-rw-r--r--  1 www  wheel  0 Jan 20 13:19 /tmp/test


Actual result:
--------------
root:/tmp # php test.php

Warning: chown(): Unable to find uid for www in /tmp/test.php on line 4

root:/tmp # ls -l /tmp/test
-rw-r--r--  1 root  wheel  0 Jan 20 13:19 /tmp/test


Patches

php_get_uid_by_name.patch (last revision 2015-01-20 13:07 UTC by lg at efficientip dot com)

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-08-19 18:03 UTC] php at nearlyfreespeech dot net
This issue is still present on PHP 7.2 with FreeBSD 11.2.

The code for php_get_gid_by_name() needs the same fix as well, otherwise chgrp() gets the same result.

diff --git a/ext/standard/filestat.c b/ext/standard/filestat.c
index e730b5ae8d..deb0600d9f 100644
--- a/ext/standard/filestat.c
+++ b/ext/standard/filestat.c
@@ -303,6 +303,8 @@ PHPAPI int php_get_gid_by_name(const char *name, gid_t *gid)
                long grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
                char *grbuf;

+               if ( -1 == grbuflen )
+                       grbuflen = 1024;
                if (grbuflen < 1) {
                        return FAILURE;
                }
@@ -439,6 +441,8 @@ PHPAPI uid_t php_get_uid_by_name(const char *name, uid_t *uid)
                long pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
                char *pwbuf;

+               if ( -1 == pwbuflen )
+                       pwbuflen = 1024;
                if (pwbuflen < 1) {
                        return FAILURE;
                }
 [2021-09-22 11:54 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2021-09-22 11:54 UTC] cmb@php.net
That patch doesn't look quite right.  POSIX mandates[1]:

| If name is an invalid value, sysconf() shall return -1 and set
| errno to indicate the error. If the variable corresponding to name
| is described in <limits.h> as a maximum or minimum value and the
| variable has no limit, sysconf() shall return -1 without changing
| the value of errno.

So errno needs to be inspected at least.  If anybody is interested
in having this fixed, please provide a pull request[2].

[1] <https://pubs.opengroup.org/onlinepubs/9699919799/functions/sysconf.html>
[2] <https://github.com/php/php-src/pulls>
 [2022-12-08 06:59 UTC] barrykaau741 at gmail dot com
This cutoff concentrates nicely for us, favor your heart! Going toward an essentially indistinguishable issue here. Help is respected. (https://www.allieduniversalehub.org/)github.com
 [2024-04-14 15:18 UTC] bukka@php.net
The following pull request has been associated:

Patch Name: fix group/passwd api misuse if ZTS
On GitHub:  https://github.com/php/php-src/pull/13876
Patch:      https://github.com/php/php-src/pull/13876.patch
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 12:01:31 2024 UTC