From: reeze dot xia at gmail dot com
Operating system: Mac OSX 10.8
PHP version: Irrelevant
Package: POSIX related
Bug Type: Bug
Bug description:posix_getpwnam("") && posix_getgrnam("") didn't return false on
Mac OSX 10.8
Description:
------------
In Mac OS X 10.8 mountain lion, getpwnam() && getgrnam() didn't return
NULL
when empty string supplied. this is a bug of 10.8.0
since uid 0 an gid 0 most belongs to root, this might have security issue.
and this breaks these test cases:
posix_getgrnam(): Basic tests [ext/posix/tests/posix_getgrnam.phpt]
posix_getgrnam(): Basic tests [ext/posix/tests/posix_getgrnam_basic.phpt]
posix_getpwnam(): Basic tests [ext/posix/tests/posix_getpwnam.phpt]
posix_getpwnam(): Basic tests [ext/posix/tests/posix_getpwnam_basic.phpt]
here is reproducible code from: Andreas Fink <af...@list.fink.org>:
#include <sys/types.h>
#include <stdio.h>
#include <pwd.h>
#include <uuid/uuid.h>
#include <stdlib.h>
#define MAYBE_NULL_STRING(a) (a ? a : "(NULL)")
extern int errno;
int main(int argc, char *argv[])
{
errno = 0;
struct passwd *pwdstruct = getpwnam("");
printf("errno = %d\n",errno);
if(pwdstruct == NULL)
{
printf("pwdstruct == NULL\n");
exit(0);
}
printf("pw_name: %s\n",MAYBE_NULL_STRING(pwdstruct->pw_name));
printf("pw_passwd: %s\n",MAYBE_NULL_STRING(pwdstruct->pw_passwd));
printf("pw_uid: %d\n",pwdstruct->pw_uid);
printf("pw_gid: %d\n",pwdstruct->pw_gid);
}
produces
$ ./a.out
errno = 0
pw_name:
pw_passwd:
pw_uid: 0
pw_gid: 0
Test script:
---------------
<?php
var_dump(posix_getpwnam(""));
var_dump(posix_getgrnam(""));
Expected result:
----------------
bool(false)
bool(false)
Actual result:
--------------
array(7) {
["name"]=>
string(0) ""
["passwd"]=>
string(0) ""
["uid"]=>
int(0)
["gid"]=>
int(0)
["gecos"]=>
string(0) ""
["dir"]=>
string(0) ""
["shell"]=>
string(0) ""
}
array(4) {
["name"]=>
string(0) ""
["passwd"]=>
string(0) ""
["members"]=>
array(0) {
}
["gid"]=>
int(0)
}
--
Edit bug report at https://bugs.php.net/bug.php?id=62881&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=62881&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=62881&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=62881&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=62881&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=62881&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=62881&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=62881&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=62881&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=62881&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=62881&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=62881&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=62881&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=62881&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=62881&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=62881&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=62881&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=62881&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=62881&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=62881&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=62881&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=62881&r=mysqlcfg
