From: evgeny at 100mb dot ru
Operating system: FreeBSD 4.7
PHP version: 4.3.4
PHP Bug Type: DBM/DBA related
Bug description: dba_open read arbitrary files
Description:
------------
dba_open() creates a *.db file with fragments of system files or source PHP
scripts
Reproduce code:
---------------
<?php
$db=dba_open("/var/tmp/test.db","n", "gdbm");
?>
Expected result:
----------------
Create test.db only
Actual result:
--------------
#cat /var/tmp/test.db
...
127.0.0.1 localhost localhost.my.domain
#
# Imaginary network.
#10.0.0.2 myname.my.domain myname
#10.0.0.3 myfriend.my.domain myfriend
...
(part of my /etc/hosts here! :( and part of my /etc/services file below :-()
....
hylafax 4559/tcp #HylaFAX client-server protocol
rfa 4672/tcp #remote file access server
rfa 4672/udp #remote file access server
commplex-main 5000/tcp
commplex-main 5000/udp
.....
--
Edit bug report at http://bugs.php.net/?id=26220&edit=1
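A check for the symptom reported above, as an added example that is not part of the original report or of PHP: it pulls printable runs out of a newly created database file and flags any that match lines of files that should never appear in it. The function names and the sample bytes are constructed for illustration; in practice `db_bytes` would be the contents of /var/tmp/test.db and the references the contents of /etc/hosts, /etc/services or the PHP scripts.

```python
import re

MIN_RUN = 8  # shortest printable run / reference line worth matching
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e\t]{%d,}" % MIN_RUN)


def printable_runs(blob):
    """Return the printable-ASCII runs found in a binary blob."""
    return [m.group().decode("ascii") for m in PRINTABLE_RUN.finditer(blob)]


def leaked_lines(db_bytes, references):
    """Map each reference name to the lines of it that appear in db_bytes.

    references: dict of name -> text of a file that must never show up
    in a freshly created database.
    """
    runs = printable_runs(db_bytes)
    hits = {}
    for name, text in references.items():
        for line in text.splitlines():
            line = line.strip()
            if len(line) < MIN_RUN:
                continue  # e.g. a bare "#": too short to be meaningful
            if any(line in run for run in runs):
                hits.setdefault(name, []).append(line)
    return hits


# Constructed reference texts, using the lines quoted in the report.
SAMPLE_HOSTS = (
    "127.0.0.1 localhost localhost.my.domain\n#\n# Imaginary network.\n"
    "#10.0.0.2 myname.my.domain myname\n#10.0.0.3 myfriend.my.domain myfriend\n"
)
SAMPLE_SERVICES = (
    "hylafax 4559/tcp #HylaFAX client-server protocol\n"
    "rfa 4672/tcp #remote file access server\n"
)
# Constructed "new" database: binary padding with stray file fragments in it.
SAMPLE_DB = (
    b"\x01\x02\x03\x04" + b"\x00" * 16
    + b"127.0.0.1 localhost localhost.my.domain\n#\n# Imaginary network.\n"
    + b"#10.0.0.2 myname.my.domain myname\n" + b"\x00" * 8
    + b"hylafax 4559/tcp #HylaFAX client-server protocol\n" + b"\xff" * 12
)
CLEAN_DB = b"\x01\x02\x03\x04" + b"\x00" * 64  # constructed: no stray text

if __name__ == "__main__":
    refs = {"/etc/hosts": SAMPLE_HOSTS, "/etc/services": SAMPLE_SERVICES}
    print(leaked_lines(SAMPLE_DB, refs))
```

An empty result for a database created with mode "n" and no inserted records is the expected outcome; any hit means foreign file content reached the new file.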