PHP :: Bug #77656 :: proc_open() ignores invalid cwd argument

Bug #77656	proc_open() ignores invalid cwd argument
Submitted:	2019-02-22 22:41 UTC	Modified:	2019-03-18 13:38 UTC
From:	php at yghe dot net	Assigned:
Status:	Open	Package:	Program Execution
PHP Version:	7.3.2	OS:	Mac OS X 10.14.3
Private report:	No	CVE-ID:	None

View Developer Edit

[2019-02-22 22:41 UTC] php at yghe dot net

Description:
------------
If the "$cwd" argument to "proc_open()" is invalid, the problem is ignored and execution continues (usually, with the wrong working directory).

In "proc_open.c", near line 835, the return value of "chdir()" is explicitly ignored:

https://github.com/php/php-src/commit/a5eeecb13f8683eaadb137aee33ac2dd292bf1fc#diff-19f692ed5f75687fc7bc1929910e540f

Test script:
---------------
<?php

$spec = array(
  0 => array('pipe', 'r'),
  1 => array('pipe', 'w'),
  2 => array('pipe', 'w')
);
$pipes = array();
$proc = proc_open(
  'pwd',
  $spec,
  $pipes,
  'asldknfaeqwglknewqklnwnrfl'); // <<< Any Invalid Directory

var_dump($proc);
var_dump(stream_get_contents($pipes[1]));
var_dump(proc_get_status($proc));


Expected result:
----------------
"proc_open()" fails to open a subprocess and returns `false` if the "$cwd" argument is provided but not valid.

Actual result:
--------------
"proc_open()" continues in the presence of an invalid "$cwd", likely executing the subprocess in the wrong working directory.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-03-18 10:57 UTC] nikic@php.net

From a quick look, the problem here is that chdir() is called after forking, at which point we can no longer influence whether proc_open in the parent process succeeds or not.

[2019-03-18 13:38 UTC] php at yghe dot net

Yes, you're correct. A better "expected result" is perhaps:

The subprocess exits immediately with an error code after "chdir()" fails, instead of executing in the wrong working directory.

Before this, optionally, "proc_open()" might make some attempt to validate the directory and fail early with a more specific error message if "chdir()" seems unlikely to succeed (for example, because the working directory does not exist). However, this might be a difficult test to perform in the general case -- perhaps there are cases under, say, SELinux, where the parent process may be unable to see or access the directory but the child can.

[2024-01-12 16:32 UTC] daniellisa320 at gmail dot com

Certainly! It seems like you're asking for feedback or information about a bug, and you've requested a response including the keyword "." However, you haven't provided specific details about the bug or the context. Please provide more information about the bug, the platform you're referring to, and any relevant details for me to address your request accurately.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon May 12 19:01:27 2025 UTC