|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77656 proc_open() ignores invalid cwd argument
Submitted: 2019-02-22 22:41 UTC Modified: 2019-03-18 13:38 UTC
From: php at yghe dot net Assigned:
Status: Open Package: Program Execution
PHP Version: 7.3.2 OS: Mac OS X 10.14.3
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2019-02-22 22:41 UTC] php at yghe dot net
If the "$cwd" argument to "proc_open()" is invalid, the problem is ignored and execution continues (usually, with the wrong working directory).

In "proc_open.c", near line 835, the return value of "chdir()" is explicitly ignored:

Test script:

$spec = array(
  0 => array('pipe', 'r'),
  1 => array('pipe', 'w'),
  2 => array('pipe', 'w')
$pipes = array();
$proc = proc_open(
  'asldknfaeqwglknewqklnwnrfl'); // <<< Any Invalid Directory


Expected result:
"proc_open()" fails to open a subprocess and returns `false` if the "$cwd" argument is provided but not valid.

Actual result:
"proc_open()" continues in the presence of an invalid "$cwd", likely executing the subprocess in the wrong working directory.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2019-03-18 10:57 UTC]
From a quick look, the problem here is that chdir() is called after forking, at which point we can no longer influence whether proc_open in the parent process succeeds or not.
 [2019-03-18 13:38 UTC] php at yghe dot net
Yes, you're correct. A better "expected result" is perhaps:

The subprocess exits immediately with an error code after "chdir()" fails, instead of executing in the wrong working directory.

Before this, optionally, "proc_open()" might make some attempt to validate the directory and fail early with a more specific error message if "chdir()" seems unlikely to succeed (for example, because the working directory does not exist). However, this might be a difficult test to perform in the general case -- perhaps there are cases under, say, SELinux, where the parent process may be unable to see or access the directory but the child can.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sat Dec 09 21:01:28 2023 UTC