http://git.php.net/?p=php-src.git;a=patch;h=ce96fd6b0761d98353761bf78d5bfb55291179fd From ce96fd6b0761d98353761bf78d5bfb55291179fd Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Thu, 18 Nov 2010 15:22:22 +0000 Subject: [PATCH] - fix #39863, do not accept paths with NULL in them. diff -up php-5.3.3/ext/bz2/bz2.c.cve7243 php-5.3.3/ext/bz2/bz2.c --- php-5.3.3/ext/bz2/bz2.c.cve7243 2010-06-26 18:03:39.000000000 +0200 +++ php-5.3.3/ext/bz2/bz2.c 2013-05-03 11:57:08.291141605 +0200 @@ -387,6 +387,9 @@ static PHP_FUNCTION(bzopen) if (Z_TYPE_PP(file) == IS_STRING) { convert_to_string_ex(file); + if (strlen(Z_STRVAL_PP(file)) != Z_STRLEN_PP(file)) { + RETURN_FALSE; + } if (Z_STRLEN_PP(file) == 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "filename cannot be empty"); RETURN_FALSE; diff -up php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 php-5.3.3/ext/com_dotnet/com_persist.c --- php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/com_dotnet/com_persist.c 2013-05-03 11:57:08.291141605 +0200 @@ -389,6 +389,9 @@ CPH_METHOD(SaveToFile) } if (filename) { + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } fullpath = expand_filepath(filename, NULL TSRMLS_CC); if (!fullpath) { RETURN_FALSE; @@ -453,6 +456,10 @@ CPH_METHOD(LoadFromFile) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { RETURN_FALSE; } diff -up php-5.3.3/ext/enchant/enchant.c.cve7243 php-5.3.3/ext/enchant/enchant.c --- php-5.3.3/ext/enchant/enchant.c.cve7243 2010-05-02 07:01:51.000000000 +0200 +++ php-5.3.3/ext/enchant/enchant.c 2013-05-03 11:57:08.291141605 +0200 @@ -587,6 +587,10 @@ PHP_FUNCTION(enchant_broker_request_pwl_ RETURN_FALSE; } + if (strlen(pwl) != pwllen) { + RETURN_FALSE; + } + #if PHP_API_VERSION < 20100412 if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) { #else diff -up php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 php-5.3.3/ext/fileinfo/fileinfo.c --- php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 2013-05-03 11:57:08.057140307 +0200 +++ php-5.3.3/ext/fileinfo/fileinfo.c 2013-05-03 11:57:08.292141611 +0200 @@ -294,6 +294,9 @@ PHP_FUNCTION(finfo_open) if (file_len == 0) { file = NULL; } else if (file && *file) { /* user specified file, perform open_basedir checks */ + if (strlen(file) != file_len) { + RETURN_FALSE; + } if (!VCWD_REALPATH(file, resolved_path)) { RETURN_FALSE; } diff -up php-5.3.3/ext/gd/gd.c.cve7243 php-5.3.3/ext/gd/gd.c --- php-5.3.3/ext/gd/gd.c.cve7243 2010-01-15 18:09:14.000000000 +0100 +++ php-5.3.3/ext/gd/gd.c 2013-05-03 11:57:08.292141611 +0200 @@ -2642,6 +2642,9 @@ static void _php_image_output(INTERNAL_F } if (argc >= 2 && file_len) { + if (strlen(file) != file_len) { + RETURN_FALSE; + } PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); fp = VCWD_FOPEN(fn, "wb"); @@ -4552,6 +4555,14 @@ static void _php_image_convert(INTERNAL_ dest_width = width; int_threshold = threshold; + if (strlen(f_org) != f_org_len) { + RETURN_FALSE; + } + + if (strlen(f_dest) != f_dest_len) { + RETURN_FALSE; + } + /* Check threshold value */ if (int_threshold < 0 || int_threshold > 8) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid threshold value '%d'", int_threshold); diff -up php-5.3.3/ext/gd/gd_ctx.c.cve7243 php-5.3.3/ext/gd/gd_ctx.c --- php-5.3.3/ext/gd/gd_ctx.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/gd/gd_ctx.c 2013-05-03 11:57:08.292141611 +0200 @@ -91,6 +91,9 @@ static void _php_image_output_ctx(INTERN } if (argc > 1 && file_len) { + if (strlen(file) != file_len) { + RETURN_FALSE; + } PHP_GD_CHECK_OPEN_BASEDIR(file, "Invalid filename"); fp = VCWD_FOPEN(file, "wb"); diff -up php-5.3.3/ext/imap/php_imap.c.cve7243 php-5.3.3/ext/imap/php_imap.c --- php-5.3.3/ext/imap/php_imap.c.cve7243 2013-05-03 11:57:08.063140340 +0200 +++ php-5.3.3/ext/imap/php_imap.c 2013-05-03 11:57:08.293141616 +0200 @@ -1216,10 +1216,14 @@ static void php_imap_do_open(INTERNAL_FU } /* local filename, need to perform open_basedir and safe_mode checks */ - if (mailbox[0] != '{' && - (php_check_open_basedir(mailbox TSRMLS_CC) || - (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR)))) { - RETURN_FALSE; + if (mailbox[0] != '{') { + if (strlen(mailbox) != mailbox_len) { + RETURN_FALSE; + } + if (php_check_open_basedir(mailbox TSRMLS_CC) || + (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + RETURN_FALSE; + } } IMAPG(imap_user) = estrndup(user, user_len); diff -up php-5.3.3/ext/oci8/oci8_interface.c.cve7243 php-5.3.3/ext/oci8/oci8_interface.c --- php-5.3.3/ext/oci8/oci8_interface.c.cve7243 2010-01-06 19:58:16.000000000 +0100 +++ php-5.3.3/ext/oci8/oci8_interface.c 2013-05-03 11:57:08.294141621 +0200 @@ -271,6 +271,10 @@ PHP_FUNCTION(oci_lob_load) return; } } + + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property"); @@ -662,7 +666,7 @@ PHP_FUNCTION(oci_lob_erase) RETURN_FALSE; } } - + if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property"); RETURN_FALSE; @@ -918,6 +922,10 @@ PHP_FUNCTION(oci_lob_export) /* nothing to write, fail silently */ RETURN_FALSE; } + + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; diff -up php-5.3.3/ext/odbc/php_odbc.c.cve7243 php-5.3.3/ext/odbc/php_odbc.c --- php-5.3.3/ext/odbc/php_odbc.c.cve7243 2013-05-03 11:57:08.067140362 +0200 +++ php-5.3.3/ext/odbc/php_odbc.c 2013-05-03 11:57:08.294141621 +0200 @@ -1300,8 +1300,11 @@ PHP_FUNCTION(odbc_execute) if (Z_STRLEN_PP(tmp) > 2 && Z_STRVAL_PP(tmp)[0] == '\'' && Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') { + if (strlen(tmp) != Z_STRLEN_PP(tmp)) { + RETURN_FALSE; + } + filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2); - filename[strlen(filename)] = '\0'; /* Check for safe mode. */ if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { diff -up php-5.3.3/ext/openssl/openssl.c.cve7243 php-5.3.3/ext/openssl/openssl.c --- php-5.3.3/ext/openssl/openssl.c.cve7243 2013-05-03 11:57:08.184141011 +0200 +++ php-5.3.3/ext/openssl/openssl.c 2013-05-03 11:57:08.295141627 +0200 @@ -1771,6 +1771,10 @@ PHP_FUNCTION(openssl_pkcs12_export_to_fi return; RETVAL_FALSE; + + if (strlen(filename) != filename_len) { + return; + } cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC); if (cert == NULL) { @@ -2218,6 +2222,10 @@ PHP_FUNCTION(openssl_csr_export_to_file) } RETVAL_FALSE; + if (strlen(filename) != filename_len) { + return; + } + csr = php_openssl_csr_from_zval(&zcsr, 0, &csr_resource TSRMLS_CC); if (csr == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get CSR from parameter 1"); @@ -3002,6 +3010,10 @@ PHP_FUNCTION(openssl_pkey_export_to_file } RETVAL_FALSE; + if (strlen(filename) != filename_len) { + return; + } + key = php_openssl_evp_from_zval(zpkey, 0, passphrase, 0, &key_resource TSRMLS_CC); if (key == NULL) { @@ -3394,7 +3406,14 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) &outfilename, &outfilename_len, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE) return; - + if (strlen(infilename) != infilename_len) { + return; + } + + if (strlen(outfilename) != outfilename_len) { + return; + } + if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) { return; } @@ -3526,14 +3545,22 @@ PHP_FUNCTION(openssl_pkcs7_sign) char * outfilename; int outfilename_len; char * extracertsfilename = NULL; int extracertsfilename_len; + RETVAL_FALSE; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls", &infilename, &infilename_len, &outfilename, &outfilename_len, &zcert, &zprivkey, &zheaders, &flags, &extracertsfilename, &extracertsfilename_len) == FAILURE) { return; } - - RETVAL_FALSE; + + if (strlen(infilename) != infilename_len) { + return; + } + + if (strlen(outfilename) != outfilename_len) { + return; + } if (extracertsfilename) { others = load_all_certs_from_file(extracertsfilename); @@ -3630,12 +3657,20 @@ PHP_FUNCTION(openssl_pkcs7_decrypt) char * infilename; int infilename_len; char * outfilename; int outfilename_len; + RETVAL_FALSE; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZ|Z", &infilename, &infilename_len, &outfilename, &outfilename_len, &recipcert, &recipkey) == FAILURE) { return; } - RETVAL_FALSE; + if (strlen(infilename) != infilename_len) { + return; + } + + if (strlen(outfilename) != outfilename_len) { + return; + } cert = php_openssl_x509_from_zval(recipcert, 0, &certresval TSRMLS_CC); if (cert == NULL) { diff -up php-5.3.3/ext/pgsql/pgsql.c.cve7243 php-5.3.3/ext/pgsql/pgsql.c --- php-5.3.3/ext/pgsql/pgsql.c.cve7243 2010-05-01 20:27:42.000000000 +0200 +++ php-5.3.3/ext/pgsql/pgsql.c 2013-05-03 11:57:08.297141638 +0200 @@ -3339,6 +3339,10 @@ PHP_FUNCTION(pg_lo_import) WRONG_PARAM_COUNT; } + if (strlen(file_in) != name_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(file_in, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -3476,6 +3480,10 @@ PHP_FUNCTION(pg_lo_export) RETURN_FALSE; } + if (strlen(file_out) != name_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(file_out, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff -up php-5.3.3/ext/posix/posix.c.cve7243 php-5.3.3/ext/posix/posix.c --- php-5.3.3/ext/posix/posix.c.cve7243 2010-06-26 18:03:39.000000000 +0200 +++ php-5.3.3/ext/posix/posix.c 2013-05-03 11:57:08.297141638 +0200 @@ -842,6 +842,10 @@ PHP_FUNCTION(posix_mkfifo) RETURN_FALSE; } + if (strlen(path) != path_len) { + RETURN_FALSE; + } + if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) || (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) { RETURN_FALSE; @@ -877,6 +881,10 @@ PHP_FUNCTION(posix_mknod) RETURN_FALSE; } + if (strlen(path) != path_len) { + RETURN_FALSE; + } + if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) || (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) { RETURN_FALSE; @@ -957,6 +965,10 @@ PHP_FUNCTION(posix_access) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + path = expand_filepath(filename, NULL TSRMLS_CC); if (!path) { POSIX_G(last_error) = EIO; diff -up php-5.3.3/ext/pspell/pspell.c.cve7243 php-5.3.3/ext/pspell/pspell.c --- php-5.3.3/ext/pspell/pspell.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/pspell/pspell.c 2013-05-03 11:57:08.298141644 +0200 @@ -402,6 +402,10 @@ static PHP_FUNCTION(pspell_new_personal) } #endif + if (strlen(personal) != personal_len) { + RETURN_FALSE; + } + if (PG(safe_mode) && (!php_checkuid(personal, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { delete_pspell_config(config); RETURN_FALSE; @@ -834,6 +838,10 @@ static void pspell_config_path(INTERNAL_ return; } + if (strlen(value) != value_len) { + RETURN_FALSE; + } + PSPELL_FETCH_CONFIG; if (PG(safe_mode) && (!php_checkuid(value, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { @@ -891,6 +899,10 @@ static PHP_FUNCTION(pspell_config_repl) pspell_config_replace(config, "save-repl", "true"); + if (strlen(repl) != repl_len) { + RETURN_FALSE; + } + if (PG(safe_mode) && (!php_checkuid(repl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff -up php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 php-5.3.3/ext/sqlite3/sqlite3.c --- php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 2010-06-21 13:06:31.000000000 +0200 +++ php-5.3.3/ext/sqlite3/sqlite3.c 2013-05-03 11:57:08.299141649 +0200 @@ -114,6 +114,9 @@ PHP_METHOD(sqlite3, open) zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Already initialised DB Object", 0 TSRMLS_CC); } + if (strlen(filename) != filename_len) { + return; + } if (strncmp(filename, ":memory:", 8) != 0) { if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Unable to expand filepath", 0 TSRMLS_CC); diff -up php-5.3.3/ext/sqlite/sqlite.c.cve7243 php-5.3.3/ext/sqlite/sqlite.c --- php-5.3.3/ext/sqlite/sqlite.c.cve7243 2010-04-28 14:10:10.000000000 +0200 +++ php-5.3.3/ext/sqlite/sqlite.c 2013-05-03 11:57:08.298141644 +0200 @@ -1560,6 +1560,9 @@ PHP_FUNCTION(sqlite_popen) ZVAL_NULL(errmsg); } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { /* resolve the fully-qualified path name to use as the hash key */ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { @@ -1637,6 +1640,9 @@ PHP_FUNCTION(sqlite_open) ZVAL_NULL(errmsg); } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { /* resolve the fully-qualified path name to use as the hash key */ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { @@ -1690,6 +1696,10 @@ PHP_FUNCTION(sqlite_factory) ZVAL_NULL(errmsg); } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { /* resolve the fully-qualified path name to use as the hash key */ if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { diff -up php-5.3.3/ext/standard/basic_functions.c.cve7243 php-5.3.3/ext/standard/basic_functions.c --- php-5.3.3/ext/standard/basic_functions.c.cve7243 2013-05-03 11:57:08.078140423 +0200 +++ php-5.3.3/ext/standard/basic_functions.c 2013-05-03 11:57:08.300141655 +0200 @@ -4667,6 +4667,12 @@ PHP_FUNCTION(error_log) opt_err = erropt; } + if (opt_err == 3) { + if (strlen(opt) != opt_len) { + RETURN_FALSE; + } + } + if (_php_error_log_ex(opt_err, message, message_len, opt, headers TSRMLS_CC) == FAILURE) { RETURN_FALSE; } @@ -5155,6 +5161,10 @@ PHP_FUNCTION(highlight_file) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (i) { php_start_ob_buffer (NULL, 0, 1 TSRMLS_CC); } @@ -5201,6 +5211,10 @@ PHP_FUNCTION(php_strip_whitespace) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + file_handle.type = ZEND_HANDLE_FILENAME; file_handle.filename = filename; file_handle.free_filename = 0; @@ -5461,6 +5475,11 @@ PHP_FUNCTION(set_include_path) return; } + /* No nulls allowed in paths */ + if (strlen(new_value) != new_value_len) { + RETURN_FALSE; + } + old_value = zend_ini_string("include_path", sizeof("include_path"), 0); /* copy to return here, because alter might free it! */ if (old_value) { @@ -5771,6 +5790,10 @@ PHP_FUNCTION(is_uploaded_file) return; } + if (strlen(path) != path_len) { + RETURN_FALSE; + } + if (zend_hash_exists(SG(rfc1867_uploaded_files), path, path_len + 1)) { RETURN_TRUE; } else { @@ -5811,6 +5834,14 @@ PHP_FUNCTION(move_uploaded_file) RETURN_FALSE; } + if (strlen(path) != path_len) { + RETURN_FALSE; + } + + if (strlen(new_path) != new_path_len) { + RETURN_FALSE; + } + VCWD_UNLINK(new_path); if (VCWD_RENAME(path, new_path) == 0) { successful = 1; @@ -5954,6 +5985,10 @@ PHP_FUNCTION(parse_ini_file) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + /* Set callback function */ if (process_sections) { BG(active_ini_file_section) = NULL; diff -up php-5.3.3/ext/standard/dir.c.cve7243 php-5.3.3/ext/standard/dir.c --- php-5.3.3/ext/standard/dir.c.cve7243 2010-06-26 18:03:39.000000000 +0200 +++ php-5.3.3/ext/standard/dir.c 2013-05-03 11:57:08.301141660 +0200 @@ -325,6 +325,10 @@ PHP_FUNCTION(chdir) RETURN_FALSE; } + if (strlen(str) != str_len) { + RETURN_FALSE; + } + if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) { RETURN_FALSE; } @@ -436,6 +440,10 @@ PHP_FUNCTION(glob) return; } + if (strlen(pattern) != pattern_len) { + RETURN_FALSE; + } + if (pattern_len >= MAXPATHLEN) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pattern exceeds the maximum allowed length of %d characters", MAXPATHLEN); RETURN_FALSE; @@ -557,6 +565,10 @@ PHP_FUNCTION(scandir) return; } + if (strlen(dirn) != dirn_len) { + RETURN_FALSE; + } + if (dirn_len < 1) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Directory name cannot be empty"); RETURN_FALSE; diff -up php-5.3.3/ext/standard/file.c.cve7243 php-5.3.3/ext/standard/file.c --- php-5.3.3/ext/standard/file.c.cve7243 2013-05-03 11:57:08.024140124 +0200 +++ php-5.3.3/ext/standard/file.c 2013-05-03 11:57:08.302141666 +0200 @@ -382,6 +382,10 @@ PHP_FUNCTION(get_meta_tags) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + md.stream = php_stream_open_wrapper(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL); @@ -535,6 +539,10 @@ PHP_FUNCTION(file_get_contents) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (ZEND_NUM_ARGS() == 5 && maxlen < 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater than or equal to zero"); RETURN_FALSE; @@ -592,6 +600,10 @@ PHP_FUNCTION(file_put_contents) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (Z_TYPE_P(data) == IS_RESOURCE) { php_stream_from_zval(srcstream, &data); } @@ -736,6 +748,11 @@ PHP_FUNCTION(file) if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|lr!", &filename, &filename_len, &flags, &zcontext) == FAILURE) { return; } + + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (flags < 0 || flags > (PHP_FILE_USE_INCLUDE_PATH | PHP_FILE_IGNORE_NEW_LINES | PHP_FILE_SKIP_EMPTY_LINES | PHP_FILE_NO_DEFAULT_CONTEXT)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "'%ld' flag is not supported", flags); RETURN_FALSE; @@ -833,6 +850,14 @@ PHP_FUNCTION(tempnam) return; } + if (strlen(dir) != dir_len) { + RETURN_FALSE; + } + + if (strlen(prefix) != prefix_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -891,6 +916,10 @@ PHP_NAMED_FUNCTION(php_if_fopen) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + context = php_stream_context_from_zval(zcontext, 0); stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); @@ -1394,6 +1423,10 @@ PHP_FUNCTION(mkdir) RETURN_FALSE; } + if (strlen(dir) != dir_len) { + RETURN_FALSE; + } + context = php_stream_context_from_zval(zcontext, 0); RETURN_BOOL(php_stream_mkdir(dir, mode, (recursive ? PHP_STREAM_MKDIR_RECURSIVE : 0) | REPORT_ERRORS, context)); @@ -1413,6 +1446,10 @@ PHP_FUNCTION(rmdir) RETURN_FALSE; } + if (strlen(dir) != dir_len) { + RETURN_FALSE; + } + context = php_stream_context_from_zval(zcontext, 0); RETURN_BOOL(php_stream_rmdir(dir, REPORT_ERRORS, context)); @@ -1435,6 +1472,10 @@ PHP_FUNCTION(readfile) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + context = php_stream_context_from_zval(zcontext, 0); stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); @@ -1508,6 +1549,14 @@ PHP_FUNCTION(rename) RETURN_FALSE; } + if (strlen(old_name) != old_name_len) { + RETURN_FALSE; + } + + if (strlen(new_name) != new_name_len) { + RETURN_FALSE; + } + wrapper = php_stream_locate_url_wrapper(old_name, NULL, 0 TSRMLS_CC); if (!wrapper || !wrapper->wops) { @@ -1545,6 +1594,10 @@ PHP_FUNCTION(unlink) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + context = php_stream_context_from_zval(zcontext, 0); wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC); @@ -1681,6 +1734,14 @@ PHP_FUNCTION(copy) return; } + if (strlen(source) != source_len) { + RETURN_FALSE; + } + + if (strlen(target) != target_len) { + RETURN_FALSE; + } + if (PG(safe_mode) &&(!php_checkuid(source, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } @@ -2372,6 +2433,10 @@ PHP_FUNCTION(realpath) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (VCWD_REALPATH(filename, resolved_path_buff)) { if (PG(safe_mode) && (!php_checkuid(resolved_path_buff, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; @@ -2514,6 +2579,14 @@ PHP_FUNCTION(fnmatch) return; } + if (strlen(pattern) != pattern_len) { + RETURN_FALSE; + } + + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (filename_len >= MAXPATHLEN) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filename exceeds the maximum allowed length of %d characters", MAXPATHLEN); RETURN_FALSE; diff -up php-5.3.3/ext/standard/filestat.c.cve7243 php-5.3.3/ext/standard/filestat.c --- php-5.3.3/ext/standard/filestat.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/standard/filestat.c 2013-05-03 11:57:08.302141666 +0200 @@ -379,6 +379,10 @@ PHP_FUNCTION(disk_free_space) RETURN_FALSE; } + if (strlen(path) != path_len) { + RETURN_FALSE; + } + if (php_disk_free_space(path, &bytesfree TSRMLS_CC) == SUCCESS) { RETURN_DOUBLE(bytesfree); } @@ -399,6 +403,10 @@ static void php_do_chgrp(INTERNAL_FUNCTI RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (Z_TYPE_P(group) == IS_LONG) { gid = (gid_t)Z_LVAL_P(group); } else if (Z_TYPE_P(group) == IS_STRING) { @@ -500,6 +508,10 @@ static void php_do_chown(INTERNAL_FUNCTI return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (Z_TYPE_P(user) == IS_LONG) { uid = (uid_t)Z_LVAL_P(user); } else if (Z_TYPE_P(user) == IS_STRING) { @@ -607,6 +619,10 @@ PHP_FUNCTION(chmod) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { RETURN_FALSE; @@ -660,6 +676,10 @@ PHP_FUNCTION(touch) return; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + switch (argc) { case 1: #ifdef HAVE_UTIME_NULL @@ -715,8 +735,9 @@ PHP_FUNCTION(touch) PHPAPI void php_clear_stat_cache(zend_bool clear_realpath_cache, const char *filename, int filename_len TSRMLS_DC) { /* always clear CurrentStatFile and CurrentLStatFile even if filename is not NULL - * as it may contains outdated data (e.g. "nlink" for a directory when deleting a file + * as it may contain outdated data (e.g. "nlink" for a directory when deleting a file * in this directory, as shown by lstat_stat_variation9.phpt) */ + if (BG(CurrentStatFile)) { efree(BG(CurrentStatFile)); BG(CurrentStatFile) = NULL; @@ -777,6 +798,10 @@ PHPAPI void php_stat(const char *filenam RETURN_FALSE; } + if (strlen(filename) != filename_length) { + RETURN_FALSE; + } + if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper) { if (php_check_open_basedir(local TSRMLS_CC)) { RETURN_FALSE; diff -up php-5.3.3/ext/standard/ftok.c.cve7243 php-5.3.3/ext/standard/ftok.c --- php-5.3.3/ext/standard/ftok.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/standard/ftok.c 2013-05-03 11:57:08.302141666 +0200 @@ -39,6 +39,10 @@ PHP_FUNCTION(ftok) return; } + if (strlen(pathname) != pathname_len) { + RETURN_FALSE; + } + if (pathname_len == 0){ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pathname is invalid"); RETURN_LONG(-1); diff -up php-5.3.3/ext/standard/iptc.c.cve7243 php-5.3.3/ext/standard/iptc.c --- php-5.3.3/ext/standard/iptc.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/standard/iptc.c 2013-05-03 11:57:08.302141666 +0200 @@ -190,6 +190,10 @@ PHP_FUNCTION(iptcembed) return; } + if (strlen(jpeg_file) != jpeg_file_len) { + RETURN_FALSE; + } + if (PG(safe_mode) && (!php_checkuid(jpeg_file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } diff -up php-5.3.3/ext/standard/link.c.cve7243 php-5.3.3/ext/standard/link.c --- php-5.3.3/ext/standard/link.c.cve7243 2010-01-03 10:23:27.000000000 +0100 +++ php-5.3.3/ext/standard/link.c 2013-05-03 11:57:08.303141671 +0200 @@ -64,6 +64,10 @@ PHP_FUNCTION(readlink) return; } + if (strlen(link) != link_len) { + RETURN_FALSE; + } + if (PG(safe_mode) && !php_checkuid(link, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { RETURN_FALSE; } @@ -123,6 +127,14 @@ PHP_FUNCTION(symlink) if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &topath, &topath_len, &frompath, &frompath_len) == FAILURE) { return; } + + if (strlen(topath) != topath_len) { + RETURN_FALSE; + } + + if (strlen(frompath) != frompath_len) { + RETURN_FALSE; + } if (!expand_filepath(frompath, source_p TSRMLS_CC)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory"); @@ -188,6 +200,14 @@ PHP_FUNCTION(link) return; } + if (strlen(topath) != topath_len) { + RETURN_FALSE; + } + + if (strlen(frompath) != frompath_len) { + RETURN_FALSE; + } + if (!expand_filepath(frompath, source_p TSRMLS_CC) || !expand_filepath(topath, dest_p TSRMLS_CC)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory"); RETURN_FALSE; diff -up php-5.3.3/ext/tidy/tidy.c.cve7243 php-5.3.3/ext/tidy/tidy.c --- php-5.3.3/ext/tidy/tidy.c.cve7243 2010-03-12 11:28:59.000000000 +0100 +++ php-5.3.3/ext/tidy/tidy.c 2013-05-03 11:57:08.303141671 +0200 @@ -567,6 +567,9 @@ static void php_tidy_quick_repair(INTERN } if (is_file) { + if (strlen(arg1) != arg1_len) { + RETURN_FALSE; + } if (!(data = php_tidy_file_to_mem(arg1, use_include_path, &data_len TSRMLS_CC))) { RETURN_FALSE; } @@ -1221,6 +1224,9 @@ static PHP_FUNCTION(tidy_parse_file) RETURN_FALSE; } + if (strlen(inputfile) != input_len) { + RETURN_FALSE; + } tidy_instanciate(tidy_ce_doc, return_value TSRMLS_CC); obj = (PHPTidyObj *) zend_object_store_get_object(return_value TSRMLS_CC); @@ -1534,10 +1540,13 @@ static TIDY_DOC_METHOD(__construct) &options, &enc, &enc_len, &use_include_path) == FAILURE) { RETURN_FALSE; } - + obj = (PHPTidyObj *)zend_object_store_get_object(object TSRMLS_CC); if (inputfile) { + if (strlen(inputfile) != input_len) { + RETURN_FALSE; + } if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : ""); return; @@ -1568,7 +1577,10 @@ static TIDY_DOC_METHOD(parseFile) &options, &enc, &enc_len, &use_include_path) == FAILURE) { RETURN_FALSE; } - + + if (strlen(inputfile) != input_len) { + RETURN_FALSE; + } if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : ""); RETURN_FALSE; diff -up php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 php-5.3.3/ext/xsl/xsltprocessor.c --- php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 2013-05-03 11:57:08.259141427 +0200 +++ php-5.3.3/ext/xsl/xsltprocessor.c 2013-05-03 11:57:08.303141671 +0200 @@ -690,6 +690,9 @@ PHP_FUNCTION(xsl_xsltprocessor_transform ret = -1; if (newdocp) { + if (strlen(uri) != uri_len) { + RETURN_FALSE; + } ret = xsltSaveResultToFilename(uri, newdocp, sheetp, 0); xmlFreeDoc(newdocp); } @@ -893,7 +896,7 @@ PHP_FUNCTION(xsl_xsltprocessor_set_profi if (intern->profiling) { efree(intern->profiling); } - if (filename != NULL) { + if (filename != NULL && strlen(filename) == filename_len) { intern->profiling = estrndup(filename,filename_len); } else { intern->profiling = NULL; diff -up php-5.3.3/ext/zip/php_zip.c.cve7243 php-5.3.3/ext/zip/php_zip.c --- php-5.3.3/ext/zip/php_zip.c.cve7243 2013-05-03 11:57:08.141140773 +0200 +++ php-5.3.3/ext/zip/php_zip.c 2013-05-03 11:59:23.507871248 +0200 @@ -1148,6 +1148,10 @@ static PHP_NAMED_FUNCTION(zif_zip_open) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } @@ -1437,6 +1441,10 @@ static ZIPARCHIVE_METHOD(open) RETURN_FALSE; } + if (strlen(filename) != filename_len) { + RETURN_FALSE; + } + if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } @@ -2363,6 +2371,10 @@ static ZIPARCHIVE_METHOD(extractTo) RETURN_FALSE; } + if (strlen(pathto) != pathto_len) { + RETURN_FALSE; + } + if (php_stream_stat_path(pathto, &ssb) < 0) { ret = php_stream_mkdir(pathto, 0777, PHP_STREAM_MKDIR_RECURSIVE, NULL); if (!ret) { @@ -2449,6 +2461,9 @@ static void php_zip_get_from(INTERNAL_FU if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|ll", &filename, &filename_len, &len, &flags) == FAILURE) { return; } + if (strlen(filename) != filename_len) { + return; + } PHP_ZIP_STAT_PATH(intern, filename, filename_len, flags, sb); } else { if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|ll", &index, &len, &flags) == FAILURE) { diff -up php-5.3.3/main/fopen_wrappers.c.cve7243 php-5.3.3/main/fopen_wrappers.c --- php-5.3.3/main/fopen_wrappers.c.cve7243 2010-04-22 00:22:31.000000000 +0200 +++ php-5.3.3/main/fopen_wrappers.c 2013-05-03 11:57:08.304141677 +0200 @@ -519,6 +519,10 @@ PHPAPI char *php_resolve_path(const char return NULL; } + if (strlen(filename) != filename_length) { + return NULL; + } + /* Don't resolve paths which contain protocol (except of file://) */ for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++); if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) { diff -up php-5.3.3/Zend/zend_vm_execute.h.cve7243 php-5.3.3/Zend/zend_vm_execute.h --- php-5.3.3/Zend/zend_vm_execute.h.cve7243 2010-07-05 11:08:35.000000000 +0200 +++ php-5.3.3/Zend/zend_vm_execute.h 2013-05-03 11:57:08.290141599 +0200 @@ -1880,6 +1880,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O return_value_used = RETURN_VALUE_USED(opline); + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } else { + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } + goto done; + } + switch (Z_LVAL(opline->op2.u.constant)) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { @@ -1933,6 +1943,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O break; EMPTY_SWITCH_DEFAULT_CASE() } +done: if (inc_filename==&tmp_inc_filename) { zval_dtor(&tmp_inc_filename); } @@ -5154,6 +5165,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O return_value_used = RETURN_VALUE_USED(opline); + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } else { + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } + goto done; + } + switch (Z_LVAL(opline->op2.u.constant)) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { @@ -5207,6 +5228,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O break; EMPTY_SWITCH_DEFAULT_CASE() } +done: if (inc_filename==&tmp_inc_filename) { zval_dtor(&tmp_inc_filename); } @@ -8524,6 +8546,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O return_value_used = RETURN_VALUE_USED(opline); + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } else { + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } + goto done; + } + switch (Z_LVAL(opline->op2.u.constant)) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { @@ -8577,6 +8609,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O break; EMPTY_SWITCH_DEFAULT_CASE() } +done: if (inc_filename==&tmp_inc_filename) { zval_dtor(&tmp_inc_filename); } @@ -22387,6 +22420,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O return_value_used = RETURN_VALUE_USED(opline); + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } else { + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); + } + goto done; + } + switch (Z_LVAL(opline->op2.u.constant)) { case ZEND_INCLUDE_ONCE: case ZEND_REQUIRE_ONCE: { @@ -22440,6 +22483,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O break; EMPTY_SWITCH_DEFAULT_CASE() } +done: if (inc_filename==&tmp_inc_filename) { zval_dtor(&tmp_inc_filename); } From 7deec592fdc57f7a4d96390d021c9ae2e9715cee Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Mon, 21 Feb 2011 10:09:50 +0000 Subject: [PATCH] - fix test 025 --- ext/openssl/openssl.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 47deeb3..5f86bb8 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -3543,14 +3543,13 @@ PHP_FUNCTION(openssl_pkcs7_sign) char * outfilename; int outfilename_len; char * extracertsfilename = NULL; int extracertsfilename_len; - RETVAL_FALSE; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls", &infilename, &infilename_len, &outfilename, &outfilename_len, &zcert, &zprivkey, &zheaders, &flags, &extracertsfilename, &extracertsfilename_len) == FAILURE) { return; } + RETVAL_FALSE; if (strlen(infilename) != infilename_len) { return; -- 1.7.11.5 From 2a545be57f7ca7bc269eb9c93a07e1b85d4e8172 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Gustavo=20Andr=C3=A9=20dos=20Santos=20Lopes?= Date: Mon, 22 Nov 2010 05:10:14 +0000 Subject: [PATCH] - Fix tests for \0 patch in PHP 5.3. - Fix constants_error_004.phpt (closes bug #51901) --- ext/standard/tests/file/copy_variation4.phpt | Bin 4654 -> 4467 bytes .../tests/file/disk_free_space_variation.phpt | 16 +++++------ .../file/file_get_contents_variation8-win32.phpt | 2 -- .../tests/file/file_get_contents_variation8.phpt | 2 -- .../tests/file/file_put_contents_variation8.phpt | Bin 2302 -> 2228 bytes ext/standard/tests/file/filegroup_variation3.phpt | 4 +-- ext/standard/tests/file/fileinode_variation3.phpt | 4 +-- ext/standard/tests/file/fileowner_variation3.phpt | 4 +-- ext/standard/tests/file/fileperms_variation3.phpt | 4 +-- ext/standard/tests/file/fnmatch_variation.phpt | 30 ++++++++++----------- ext/standard/tests/file/glob_variation.phpt | 23 +++++----------- ext/standard/tests/file/is_dir_variation4.phpt | 4 +-- .../tests/file/is_executable_variation1.phpt | 4 +-- ext/standard/tests/file/is_file_variation4.phpt | 4 +-- .../tests/file/is_readable_variation1.phpt | 6 ++--- .../tests/file/is_writable_variation1.phpt | 12 ++++----- .../tests/file/mkdir_rmdir_variation2.phpt | 4 +-- .../tests/file/readfile_variation10-win32.phpt | 14 +++++++--- ext/standard/tests/file/readfile_variation10.phpt | Bin 1786 -> 1847 bytes .../tests/file/rename_variation13-win32.phpt | Bin 3947 -> 3805 bytes ext/standard/tests/file/rename_variation13.phpt | 4 --- ext/standard/tests/file/stream_rfc2397_006.phpt | 4 +-- .../tests/file/tempnam_variation3-win32.phpt | 5 ++-- ext/standard/tests/file/tempnam_variation3.phpt | 6 ++--- .../tests/file/tempnam_variation7-win32.phpt | 6 ++--- ext/standard/tests/file/tempnam_variation7.phpt | 6 ++--- tests/classes/constants_error_004.phpt | 2 +- 27 files changed, 81 insertions(+), 89 deletions(-) diff --git a/ext/standard/tests/file/copy_variation4.phpt b/ext/standard/tests/file/copy_variation4.phpt index 48386743f325e3cfedaa7712443a6af249aa9593..32756c1ede19ac8fb5e1029e4cd549b1bf42c199 100644 GIT binary patch delta 51 zcmZ3d@>yxZ82bTQfi7n4BXhH<_PLmnAJRr+BhGUo3Z0etwPyh?lCl*@yQL F3jp%@5;6b) delta 78 zcmV-U0I~n`BCaHmlPgzAP9iA^ARuIEWhf$ZYiV#GL~kH&Z*(AXb#5SUZXj1_Ze(wF kb0R4_3bA&50<-i2<_MGe2+RQhlO7R5lL!hcv!D#q1Rf_E<^TWy diff --git a/ext/standard/tests/file/disk_free_space_variation.phpt b/ext/standard/tests/file/disk_free_space_variation.phpt index c180998..178f857 100644 --- a/ext/standard/tests/file/disk_free_space_variation.phpt +++ b/ext/standard/tests/file/disk_free_space_variation.phpt @@ -105,19 +105,19 @@ float(%d) float(%d) -- Iteration 9 -- -float(%d) -float(%d) +bool(false) +bool(false) -- Iteration 10 -- -float(%d) -float(%d) +bool(false) +bool(false) -- Iteration 11 -- -float(%d) -float(%d) +bool(false) +bool(false) -- Iteration 12 -- -float(%d) -float(%d) +bool(false) +bool(false) --- Done --- diff --git a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt index 43d742a..c0074ff 100644 --- a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt +++ b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt @@ -76,8 +76,6 @@ Warning: file_get_contents( ): failed to open stream: Permission denied in %s on bool(false) -- Filename: \0 -- - -Warning: file_get_contents(): Filename cannot be empty in %s on line %d bool(false) -- Filename: array() -- diff --git a/ext/standard/tests/file/file_get_contents_variation8.phpt b/ext/standard/tests/file/file_get_contents_variation8.phpt index dca75a0..84621e1 100644 --- a/ext/standard/tests/file/file_get_contents_variation8.phpt +++ b/ext/standard/tests/file/file_get_contents_variation8.phpt @@ -68,8 +68,6 @@ bool(false) Warning: file_get_contents( ): failed to open stream: No such file or directory in %s on line %d bool(false) -- Iteration 6 -- - -Warning: file_get_contents(): Filename cannot be empty in %s on line %d bool(false) -- Iteration 7 -- diff --git a/ext/standard/tests/file/file_put_contents_variation8.phpt b/ext/standard/tests/file/file_put_contents_variation8.phpt index 1e27e71334165f687b4bf263cfd56e934dbce78d..c35ace47b2c0037484e7d90885bd0876d29a7e9f 100644 GIT binary patch delta 20 ccmew-xJ7WoU$)5?*d-_Xvhi)sW1qkX0A3phxBvhE delta 18 acmdlY_)l=dU$)5!Y)Om^o5k4YF#-Tc0tQn6 diff --git a/ext/standard/tests/file/filegroup_variation3.phpt b/ext/standard/tests/file/filegroup_variation3.phpt index dd875a0..c41f383 100644 --- a/ext/standard/tests/file/filegroup_variation3.phpt +++ b/ext/standard/tests/file/filegroup_variation3.phpt @@ -74,8 +74,8 @@ bool(false) Warning: filegroup(): stat failed for %s/filegroup_variation3/filegroup*.tmp in %s on line %d bool(false) - Iteration 7 - -int(%d) +bool(false) - Iteration 8 - -int(%d) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/fileinode_variation3.phpt b/ext/standard/tests/file/fileinode_variation3.phpt index c81b573..23cf3c7 100644 --- a/ext/standard/tests/file/fileinode_variation3.phpt +++ b/ext/standard/tests/file/fileinode_variation3.phpt @@ -75,8 +75,8 @@ bool(false) Warning: fileinode(): stat failed for %s/fileinode_variation3/fileinode*.tmp in %s on line %d bool(false) - Iteration 7 - -int(%d) +bool(false) - Iteration 8 - -int(%d) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/fileowner_variation3.phpt b/ext/standard/tests/file/fileowner_variation3.phpt index 2a322b6..b2691e9 100644 --- a/ext/standard/tests/file/fileowner_variation3.phpt +++ b/ext/standard/tests/file/fileowner_variation3.phpt @@ -75,8 +75,8 @@ bool(false) Warning: fileowner(): stat failed for %s/fileowner_variation3/fileowner*.tmp in %s on line %d bool(false) - Iteration 7 - -int(%d) +bool(false) - Iteration 8 - -int(%d) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/fileperms_variation3.phpt b/ext/standard/tests/file/fileperms_variation3.phpt index 38101e3..1e7396a 100644 --- a/ext/standard/tests/file/fileperms_variation3.phpt +++ b/ext/standard/tests/file/fileperms_variation3.phpt @@ -74,8 +74,8 @@ bool(false) Warning: fileperms(): stat failed for %s/fileperms_variation3/fileperms*.tmp in %s on line %d bool(false) - Iteration 7 - -int(%d) +bool(false) - Iteration 8 - -int(%d) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/fnmatch_variation.phpt b/ext/standard/tests/file/fnmatch_variation.phpt index e65bdd0..13afebb 100644 --- a/ext/standard/tests/file/fnmatch_variation.phpt +++ b/ext/standard/tests/file/fnmatch_variation.phpt @@ -259,21 +259,21 @@ bool(true) --- With Strings --- -- Iteration 0 -- bool(true) -bool(true) +bool(false) bool(true) bool(false) bool(false) bool(true) -- Iteration 1 -- -bool(true) -bool(true) -bool(true) bool(false) bool(false) -bool(true) +bool(false) +bool(false) +bool(false) +bool(false) -- Iteration 2 -- bool(true) -bool(true) +bool(false) bool(true) bool(false) bool(false) @@ -282,7 +282,7 @@ bool(true) bool(false) bool(false) bool(false) -bool(true) +bool(false) bool(false) bool(false) -- Iteration 4 -- @@ -294,7 +294,7 @@ bool(true) bool(false) -- Iteration 5 -- bool(true) -bool(true) +bool(false) bool(true) bool(false) bool(false) @@ -397,28 +397,28 @@ bool(true) bool(true) bool(true) bool(true) -bool(true) +bool(false) bool(false) bool(false) -- Iteration 1 -- bool(true) bool(true) bool(true) -bool(true) +bool(false) bool(false) bool(false) -- Iteration 2 -- bool(true) bool(true) bool(true) -bool(true) +bool(false) bool(false) bool(false) -- Iteration 3 -- -bool(true) -bool(true) -bool(true) -bool(true) +bool(false) +bool(false) +bool(false) +bool(false) bool(false) bool(false) -- Iteration 4 -- diff --git a/ext/standard/tests/file/glob_variation.phpt b/ext/standard/tests/file/glob_variation.phpt index 52c0dc8..64d3d8a 100755 --- a/ext/standard/tests/file/glob_variation.phpt +++ b/ext/standard/tests/file/glob_variation.phpt @@ -325,20 +325,12 @@ array(0) { } -- Iteration 8 -- -array(0) { -} -array(0) { -} -array(0) { -} -array(1) { - [0]=> - string(%d) "%s/glob_variation/WONDER5" -} -array(0) { -} -array(0) { -} +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) +bool(false) -- Iteration 9 -- array(0) { @@ -441,8 +433,7 @@ array(1) { array(0) { } -- Iteration 8 -- -array(0) { -} +bool(false) -- Iteration 9 -- array(0) { } diff --git a/ext/standard/tests/file/is_dir_variation4.phpt b/ext/standard/tests/file/is_dir_variation4.phpt index a68fe0b..b83d185 100644 --- a/ext/standard/tests/file/is_dir_variation4.phpt +++ b/ext/standard/tests/file/is_dir_variation4.phpt @@ -77,9 +77,9 @@ bool(true) bool(false) -- Iteration 9 -- -bool(true) +bool(false) -- Iteration 10 -- -bool(true) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/is_executable_variation1.phpt b/ext/standard/tests/file/is_executable_variation1.phpt index 9969911..bc826b9 100644 --- a/ext/standard/tests/file/is_executable_variation1.phpt +++ b/ext/standard/tests/file/is_executable_variation1.phpt @@ -76,9 +76,9 @@ bool(false) -- Iteration 5 -- bool(false) -- Iteration 6 -- -bool(true) +bool(false) -- Iteration 7 -- -bool(true) +bool(false) -- Iteration 8 -- bool(false) -- Iteration 9 -- diff --git a/ext/standard/tests/file/is_file_variation4.phpt b/ext/standard/tests/file/is_file_variation4.phpt index 55aeedf..fbdf438 100644 --- a/ext/standard/tests/file/is_file_variation4.phpt +++ b/ext/standard/tests/file/is_file_variation4.phpt @@ -67,8 +67,8 @@ bool(false) - Iteration 6 - bool(false) - Iteration 7 - -bool(true) +bool(false) - Iteration 8 - -bool(true) +bool(false) *** Done *** diff --git a/ext/standard/tests/file/is_readable_variation1.phpt b/ext/standard/tests/file/is_readable_variation1.phpt index a131032..7493574 100644 --- a/ext/standard/tests/file/is_readable_variation1.phpt +++ b/ext/standard/tests/file/is_readable_variation1.phpt @@ -87,11 +87,11 @@ bool(false) -- Iteration 6 -- bool(false) -- Iteration 7 -- -bool(true) +bool(false) -- Iteration 8 -- -bool(true) +bool(false) -- Iteration 9 -- -bool(true) +bool(false) -- Iteration 10 -- bool(true) -- Iteration 11 -- diff --git a/ext/standard/tests/file/is_writable_variation1.phpt b/ext/standard/tests/file/is_writable_variation1.phpt index bf3e7e1..1f3cbf5 100644 --- a/ext/standard/tests/file/is_writable_variation1.phpt +++ b/ext/standard/tests/file/is_writable_variation1.phpt @@ -96,14 +96,14 @@ bool(false) bool(false) bool(false) -- Iteration 7 -- -bool(true) -bool(true) +bool(false) +bool(false) -- Iteration 8 -- -bool(true) -bool(true) +bool(false) +bool(false) -- Iteration 9 -- -bool(true) -bool(true) +bool(false) +bool(false) -- Iteration 10 -- bool(true) bool(true) diff --git a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt index e7c41c4..101e890 100644 --- a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt +++ b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt @@ -64,8 +64,8 @@ Warning: rmdir(%s/mkdir_variation2/): %s on line %d bool(false) *** Testing mkdir() and rmdir() for binary safe functionality *** -bool(true) -bool(true) +bool(false) +bool(false) *** Testing mkdir() with miscelleneous input *** bool(true) diff --git a/ext/standard/tests/file/readfile_variation10-win32.phpt b/ext/standard/tests/file/readfile_variation10-win32.phpt index 6453b98..1624194 100644 --- a/ext/standard/tests/file/readfile_variation10-win32.phpt +++ b/ext/standard/tests/file/readfile_variation10-win32.phpt @@ -37,7 +37,7 @@ $names_arr = array( foreach($names_arr as $key => $value) { echo "\n-- Filename: $key --\n"; - readfile($value); + var_dump(readfile($value)); }; ?> @@ -48,40 +48,48 @@ foreach($names_arr as $key => $value) { -- Filename: -1 -- Warning: readfile(-1): failed to open stream: No such file or directory in %s on line %d +bool(false) -- Filename: TRUE -- Warning: readfile(1): failed to open stream: No such file or directory in %s on line %d +bool(false) -- Filename: FALSE -- Warning: readfile(): Filename cannot be empty in %s on line %d +bool(false) -- Filename: NULL -- Warning: readfile(): Filename cannot be empty in %s on line %d +bool(false) -- Filename: "" -- Warning: readfile(): Filename cannot be empty in %s on line %d +bool(false) -- Filename: " " -- Warning: readfile( ): failed to open stream: Permission denied in %s on line %d +bool(false) -- Filename: \0 -- - -Warning: readfile(): Filename cannot be empty in %s on line %d +bool(false) -- Filename: array() -- Warning: readfile() expects parameter 1 to be string, array given in %s on line %d +bool(false) -- Filename: /no/such/file/dir -- Warning: readfile(/no/such/file/dir): failed to open stream: No such file or directory in %s on line %d +bool(false) -- Filename: php/php -- Warning: readfile(php/php): failed to open stream: No such file or directory in %s on line %d +bool(false) ===Done=== \ No newline at end of file diff --git a/ext/standard/tests/file/readfile_variation10.phpt b/ext/standard/tests/file/readfile_variation10.phpt index a48150aee0fcf1240a7f47b7939c317043ae037f..2caa2de1d259b0012f6f5722b441a25666b1f9b8 100644 GIT binary patch delta 216 zcmeyxyPa=?3bRC6Vo`ibX>Nf=QEFmJT4qkFhDu&yZmQ;FBj(lIN%{FX8fl3+#X$ZY z=1>%VBTEoTd}Y>96(sYxbafR7Au9Mo{LLM POH08eKQC1Q$lwA1(T_+Z delta 94 zcmdna_ltLf3Nv3(YGO)SW=^VxN?u}a>SP<{)ssInhfLnU5(vjxtRcL*x(X$!#U+_} q=?dx$lUO7sm$T?je$1LRIg%}A@u22Qht7pMp|M{ajNF#W!y)Z0e1xn6#xJL delta 26 icmcaB`&w=T4>u#j --EXPECTF-- -string(0) "" -string(6) "foobar" +bool(false) +bool(false) string(13) "foobar foobar" Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhc=): failed to open stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d diff --git a/ext/standard/tests/file/tempnam_variation3-win32.phpt b/ext/standard/tests/file/tempnam_variation3-win32.phpt index fb457cb..a51a10a 100644 --- a/ext/standard/tests/file/tempnam_variation3-win32.phpt +++ b/ext/standard/tests/file/tempnam_variation3-win32.phpt @@ -31,8 +31,8 @@ $names_arr = array( NULL, "", " ", - "\0", /* Invalid args */ + "\0", array(), /* Valid args*/ @@ -102,7 +102,8 @@ OK Failed, not created in the correct directory %s vs %s 0 -- Iteration 6 -- -OK +Failed, not created in the correct directory %s vs %s +0 -- Iteration 7 -- Warning: tempnam() expects parameter 2 to be string, array given in %s\ext\standard\tests\file\tempnam_variation3-win32.php on line %d diff --git a/ext/standard/tests/file/tempnam_variation3.phpt b/ext/standard/tests/file/tempnam_variation3.phpt index 69ab16c..4a0e861 100644 --- a/ext/standard/tests/file/tempnam_variation3.phpt +++ b/ext/standard/tests/file/tempnam_variation3.phpt @@ -100,9 +100,9 @@ File name is => %s/%s File permissions are => 100600 File created in => directory specified -- Iteration 6 -- -File name is => %s/%s -File permissions are => 100600 -File created in => directory specified +-- File is not created -- + +Warning: unlink(): %s in %s on line %d -- Iteration 7 -- Warning: tempnam() expects parameter 2 to be string, array given in %s on line %d diff --git a/ext/standard/tests/file/tempnam_variation7-win32.phpt b/ext/standard/tests/file/tempnam_variation7-win32.phpt index 34e352a..8ea839e 100644 --- a/ext/standard/tests/file/tempnam_variation7-win32.phpt +++ b/ext/standard/tests/file/tempnam_variation7-win32.phpt @@ -89,9 +89,9 @@ File name is => %s%et%s File permissions are => 100666 File created in => temp dir -- Iteration 6 -- -File name is => %s%et%s -File permissions are => 100666 -File created in => temp dir +-- File is not created -- + +Warning: unlink(): %s in %s on line %d -- Iteration 7 -- Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d diff --git a/ext/standard/tests/file/tempnam_variation7.phpt b/ext/standard/tests/file/tempnam_variation7.phpt index 18d074d..16f94f0 100644 --- a/ext/standard/tests/file/tempnam_variation7.phpt +++ b/ext/standard/tests/file/tempnam_variation7.phpt @@ -94,9 +94,9 @@ File name is => %s%etempnam_variation3.tmp%s File permissions are => 100600 File created in => temp dir -- Iteration 6 -- -File name is => %s%etempnam_variation3.tmp%s -File permissions are => 100600 -File created in => temp dir +-- File is not created -- + +Warning: unlink(): %s in %s on line %d -- Iteration 7 -- Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d diff --git a/tests/classes/constants_error_004.phpt b/tests/classes/constants_error_004.phpt index 732c530..03e6725 100644 --- a/tests/classes/constants_error_004.phpt +++ b/tests/classes/constants_error_004.phpt @@ -10,4 +10,4 @@ Class constant whose initial value refereces a non-existent class $a = new C(); ?> --EXPECTF-- -Fatal error: Undefined class constant 'D::hello' in %s on line %d +Fatal error: Class 'D' not found in %s on line %d -- 1.7.11.5