#48111 [Com]: unlink() does not delete symlinks without a target if open_basedir is used

[antoine dot contal+bugs dot php dot net at gmail dot com]

 ID:               48111
 Comment by:       antoine dot contal+bugs dot php dot net at gmail dot
                   com
 Reported By:      simon at stienen dot name
 Status:           Open
 Bug Type:         Feature/Change Request
 Operating System: FreeBSD 7.1-RELEASE/amd64
 PHP Version:      5.2.9
 New Comment:

Same issue with PHP 5.2.11.


Previous Comments:
------------------------------------------------------------------------

[2009-04-29 20:39:06] simon at stienen dot name

Ok, a possible solution would be to apply the open_basedir check to the
parent directory instead of the file or the symlink itself.

I have implemented and slightly tested this, but please consider that
my C knowledge is somewhat limited and I have almost no insight into
PHPs internals, so please treat these diffs with the necessary care:

http://trashbin.slashlife.org/tmp/plain_wrapper.c.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-p.diff
http://trashbin.slashlife.org/tmp/plain_wrapper.c.-u.diff

------------------------------------------------------------------------

[2009-04-29 17:42:48] simon at stienen dot name

Description:
------------
unlink()ing a symlink with its target missing fails with an
open_basedir error.

This might be related to
http://bugs.php.net/bug.php?id=20235 (actual deletion changed, but
sanitization still uses target?) and/or
http://bugs.php.net/bug.php?id=29145 (missing target (empty string?) is
considered to be outside of open_basedir?)


Reproduce code:
---------------
<?php

echo "creating link\n";
symlink('nonexisting_target', 'link');

echo "unlinking link\n";
unlink('link');

echo "creating target\n";
file_put_contents('nonexisting_target', 'foo');

echo "unlinking link (again)\n";
unlink('link');

echo "unlinking target\n";
unlink('nonexisting_target');


Expected result:
----------------
Run with php -d open_basedir=

creating link
unlinking link
creating target
unlinking link (again)

Warning: unlink(link): No such file or directory in /tmp/- on line 13
unlinking target


Actual result:
--------------
Run with php -d open_basedir=/

creating link
unlinking link

Warning: unlink(): open_basedir restriction in effect. File(link) is
not within the allowed path(s): (/) in /tmp/- on line 7
creating target
unlinking link (again)
unlinking target


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=48111&edit=1