|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77552 Unintialized php_stream_statbuf in stat functions
Submitted: 2019-01-31 22:19 UTC Modified: -
From: john-stevenson at blueyonder dot co dot uk Assigned:
Status: Closed Package: Filesystem function related
PHP Version: 7.3.1 OS: Windows 10
Private report: No CVE-ID: None
 [2019-01-31 22:19 UTC] john-stevenson at blueyonder dot co dot uk
The php_stream_statbuf that is used in the filepath stat functions is uninitialized in function 'php_stat' (ext\standard\filestat.c). This can result in random st_mode values, when calling lstat on a NTFS junction.

The 'php_sys_stat_ex' function (zend\zend_virtual_cwd.c) sets the st_mode for everything except a junction, so the uninitialized value is returned.

The test script below just illustrates that it is uninitialized by using a debug build. On release builds the script will show the 'expected' mode value of 0, but when used in more complex scenarios (like a test suite) different values can be returned for junctions.

For example, from my error log, while trying to track this down: 
[31-Jan-2019 21:52:39 UTC] PHP 7.3.1
[31-Jan-2019 21:52:39 UTC] mode: 53467, composer-test-27485c536e26d95fa/junction
[31-Jan-2019 21:52:39 UTC] mode: 1508, composer-test-27485c536e26d95fa/junction
[31-Jan-2019 21:52:39 UTC] mode: 18252, composer-test-27485c536e26d95fa/junction 

Of course, since there is no S_IFJUNC, it is hard to know what the 'expected' st_mode value should be. However Composer uses it to check for a junction (if it is a directory, not a link and not S_ISDIR from lstat's st_mode) and our tests are sometimes now failing on PHP 7.3 


Test script:
Create a junction: mkdir /J path/to/junction path/to/target

Compile php with --enable-debug

Run: php.exe -r "print_r(lstat('path/to/junction'));"

Expected result:
[mode] => 0

Actual result:
[mode] => 52428


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-02-02 11:18 UTC]
The following pull request has been associated:

Patch Name: Fix #77552: Uninitialized buffer in stat functions
On GitHub:
 [2019-02-11 10:34 UTC]
Automatic comment on behalf of
Log: Fix #77552: Uninitialized buffer in stat functions
 [2019-02-11 10:34 UTC]
-Status: Open +Status: Closed
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Apr 21 21:01:30 2024 UTC