|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77484 Zend engine crashes when calling realpath in invalid working dir
Submitted: 2019-01-18 00:28 UTC Modified: 2019-01-18 20:03 UTC
From: marcospassos dot com at gmail dot com Assigned: ab (profile)
Status: Closed Package: *Directory/Filesystem functions
PHP Version: 7.3.1 OS: Mac OS 10.12.6
Private report: No CVE-ID: None
 [2019-01-18 00:28 UTC] marcospassos dot com at gmail dot com
Calling realpath in an invalid working directory causes the engine to crash.

Test script:

Expected result:

Actual result:


add-undeflow-check (last revision 2019-01-18 16:56 UTC by

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-01-18 00:31 UTC] spam2 at rhsoft dot net
outside the PHP world this would classify as vulnerability when simple 2-liner crashs a shared server process
 [2019-01-18 11:31 UTC]
-Type: Bug +Type: Security -Private report: No +Private report: Yes
 [2019-01-18 11:31 UTC]
Tentatively marking as sec bug.
 [2019-01-18 16:56 UTC]
The following patch has been added/updated:

Patch Name: add-undeflow-check
Revision:   1547830590
 [2019-01-18 16:56 UTC]
-Status: Open +Status: Verified -Assigned To: +Assigned To: ab
 [2019-01-18 16:56 UTC]
There occurs an unsigned underflow in tsrm_realpath_r()[1]; the
attached patch add-undeflow-check would solve this. Anatol, since
you've refactored tsrm_realpath_r() to size_t, could you please
review the patch?

[1] <>
 [2019-01-18 20:03 UTC]
-Type: Security +Type: Bug
 [2019-01-18 20:03 UTC]
Not a security issue - requires special condition and explicit user action to trigger.
 [2019-01-18 23:32 UTC] spam2 at rhsoft dot net
as said: outside the autistic php world it is considered as security bug as EVERY crash bug
 [2019-01-19 01:40 UTC]
Automatic comment on behalf of ab
Log: Fixed bug #77484 Zend engine crashes when calling realpath in invalid working dir
 [2019-01-19 01:40 UTC]
-Status: Verified +Status: Closed
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Jul 23 23:01:30 2024 UTC