|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #75379 Warning: finfo_file(): Null byte in regex in /root/php-src/bug/1.php on line 4
Submitted: 2017-10-15 08:09 UTC Modified: 2017-10-15 09:22 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: chipitsine at gmail dot com Assigned:
Status: Open Package: *General Issues
PHP Version: Irrelevant OS: centos 7
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: chipitsine at gmail dot com
New email:
PHP Version: OS:


 [2017-10-15 08:09 UTC] chipitsine at gmail dot com
when analyzing malware samples from VirusShare, I encountered a sample that fails on finfo_file

it's VirusShare_01ff33de3e8bdded777bdcabe1c983c1

I do not know how to upload it here

Test script:
$finfo = finfo_open(FILEINFO_MIME);
$type = finfo_file($finfo, __DIR__.'/VirusShare_01ff33de3e8bdded777bdcabe1c983c1');


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-10-15 08:11 UTC] chipitsine at gmail dot com
if someone wishes to get VirusShare_01ff33de3e8bdded777bdcabe1c983c1, please contact me, I'll provide
 [2017-10-15 08:13 UTC] chipitsine at gmail dot com
full error message:

Warning: finfo_file(): Null byte in regex in /root/php-src/bug/1.php on line 4

Warning: finfo_file(): Failed identify data 0:(null) in /root/php-src/bug/1.php on line 4
 [2017-10-15 08:51 UTC] spam2 at rhsoft dot net
how do you come to the crazy conclusion PHP version is irrelevant, you can't upload it here but you need to find a way upload it *somewhere* and place a link here - without reproducer and exact version no way to fix

if you are using the php shipped with RHEL you are completely wrong here because that's a no longer upstream maintained 5.4 and hence the redhat is your friend
 [2017-10-15 09:22 UTC] chipitsine at gmail dot com
I reproduced in master from
it is 7.2-git-master, but I couldn't figure out how to choose that version in dropdown box - password 'infected' (be careful, it's a malware sample for android)
 [2019-11-14 18:00 UTC] bugzilla at shnoulle dot net
Can reproduce with a simple file (Tab separated value) file
With fedora/Linux PHP Version 7.3.11

File was in

PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Wed Jan 29 15:01:24 2020 UTC