iliaa Fri Jan 12 01:46:11 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard filestat.c /php-src/main safe_mode.c fopen_wrappers.c /php-src/ext/posix posix.c /php-src NEWS Log: Fixed bug #40098 (php_fopen_primary_script() not thread safe). Adjusted previous fixes for similar issue to handle sysconf() failures
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/filestat.c?r1=1.136.2.8.2.8&r2=1.136.2.8.2.9&diff_format=u Index: php-src/ext/standard/filestat.c diff -u php-src/ext/standard/filestat.c:1.136.2.8.2.8 php-src/ext/standard/filestat.c:1.136.2.8.2.9 --- php-src/ext/standard/filestat.c:1.136.2.8.2.8 Thu Jan 11 02:33:07 2007 +++ php-src/ext/standard/filestat.c Fri Jan 12 01:46:11 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: filestat.c,v 1.136.2.8.2.8 2007/01/11 02:33:07 pollita Exp $ */ +/* $Id: filestat.c,v 1.136.2.8.2.9 2007/01/12 01:46:11 iliaa Exp $ */ #include "php.h" #include "safe_mode.h" @@ -363,12 +363,17 @@ } convert_to_string_ex(filename); if (Z_TYPE_PP(group) == IS_STRING) { -#if HAVE_GETGRNAM_R +#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX) struct group gr; struct group *retgrptr; - int grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); - char *grbuf = emalloc(grbuflen); + long grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); + char *grbuf; + if (grbuflen < 1) { + RETURN_FALSE; + } + + grbuf = emalloc(grbuflen); if (getgrnam_r(Z_STRVAL_PP(group), &gr, grbuf, grbuflen, &retgrptr) != 0 || retgrptr == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find gid for %s", Z_STRVAL_PP(group)); efree(grbuf); @@ -454,12 +459,17 @@ } convert_to_string_ex(filename); if (Z_TYPE_PP(user) == IS_STRING) { -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) struct passwd pw; struct passwd *retpwptr = NULL; - int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - char *pwbuf = emalloc(pwbuflen); + long pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + char *pwbuf; + + if (pwbuflen < 1) { + RETURN_FALSE; + } + pwbuf = emalloc(pwbuflen); if (getpwnam_r(Z_STRVAL_PP(user), &pw, pwbuf, pwbuflen, &retpwptr) != 0 || retpwptr == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find uid for %s", Z_STRVAL_PP(user)); efree(pwbuf); http://cvs.php.net/viewvc.cgi/php-src/main/safe_mode.c?r1=1.62.2.1.2.6&r2=1.62.2.1.2.7&diff_format=u Index: php-src/main/safe_mode.c diff -u php-src/main/safe_mode.c:1.62.2.1.2.6 php-src/main/safe_mode.c:1.62.2.1.2.7 --- php-src/main/safe_mode.c:1.62.2.1.2.6 Tue Jan 9 23:27:22 2007 +++ php-src/main/safe_mode.c Fri Jan 12 01:46:11 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: safe_mode.c,v 1.62.2.1.2.6 2007/01/09 23:27:22 iliaa Exp $ */ +/* $Id: safe_mode.c,v 1.62.2.1.2.7 2007/01/12 01:46:11 iliaa Exp $ */ #include "php.h" @@ -228,12 +228,16 @@ return SG(request_info).current_user; #else struct passwd *pwd; -#ifdef HAVE_GETPWUID_R +#if defined(ZTS) && defined(HAVE_GETPWUID_R) && defined(_SC_GETPW_R_SIZE_MAX) struct passwd _pw; struct passwd *retpwptr = NULL; int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - char *pwbuf = emalloc(pwbuflen); + char *pwbuf; + if (pwbuflen < 1) { + return "" + } + pwbuf = emalloc(pwbuflen); if (getpwuid_r(pstat->st_uid, &_pw, pwbuf, pwbuflen, &retpwptr) != 0) { efree(pwbuf); return ""; @@ -246,7 +250,7 @@ #endif SG(request_info).current_user_length = strlen(pwd->pw_name); SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length); -#ifdef HAVE_GETPWUID_R +#if defined(ZTS) && defined(HAVE_GETPWUID_R) && defined(_SC_GETPW_R_SIZE_MAX) efree(pwbuf); #endif return SG(request_info).current_user; http://cvs.php.net/viewvc.cgi/php-src/main/fopen_wrappers.c?r1=1.175.2.3.2.5&r2=1.175.2.3.2.6&diff_format=u Index: php-src/main/fopen_wrappers.c diff -u php-src/main/fopen_wrappers.c:1.175.2.3.2.5 php-src/main/fopen_wrappers.c:1.175.2.3.2.6 --- php-src/main/fopen_wrappers.c:1.175.2.3.2.5 Mon Jan 1 09:36:10 2007 +++ php-src/main/fopen_wrappers.c Fri Jan 12 01:46:11 2007 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: fopen_wrappers.c,v 1.175.2.3.2.5 2007/01/01 09:36:10 sebastian Exp $ */ +/* $Id: fopen_wrappers.c,v 1.175.2.3.2.6 2007/01/12 01:46:11 iliaa Exp $ */ /* {{{ includes */ @@ -264,23 +264,37 @@ filename = SG(request_info).path_translated; path_info = SG(request_info).request_uri; #if HAVE_PWD_H - if (PG(user_dir) && *PG(user_dir) - && path_info && '/' == path_info[0] && '~' == path_info[1]) { - - char user[32]; - struct passwd *pw; + if (PG(user_dir) && *PG(user_dir) && path_info && '/' == path_info[0] && '~' == path_info[1]) { char *s = strchr(path_info + 2, '/'); filename = NULL; /* discard the original filename, it must not be used */ if (s) { /* if there is no path name after the file, do not bother */ - /* to try open the directory */ + char user[32]; /* to try open the directory */ + struct passwd *pw; +#if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX) + long pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + char *pwbuf; + + if (pwbuflen < 1) { + return FAILURE; + } + + pwbuf = emalloc(pwbuflen); +#endif length = s - (path_info + 2); - if (length > (int)sizeof(user) - 1) + if (length > (int)sizeof(user) - 1) { length = sizeof(user) - 1; + } memcpy(user, path_info + 2, length); user[length] = '\0'; - +#if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX) + if (getpwnam_r(user, &pwstruc, pwbuf, pwbuflen, &pw)) { + efree(pwbuf); + return FAILURE; + } +#else pw = getpwnam(user); +#endif if (pw && pw->pw_dir) { filename = emalloc(strlen(PG(user_dir)) + strlen(path_info) + strlen(pw->pw_dir) + 4); if (filename) { http://cvs.php.net/viewvc.cgi/php-src/ext/posix/posix.c?r1=1.70.2.3.2.11&r2=1.70.2.3.2.12&diff_format=u Index: php-src/ext/posix/posix.c diff -u php-src/ext/posix/posix.c:1.70.2.3.2.11 php-src/ext/posix/posix.c:1.70.2.3.2.12 --- php-src/ext/posix/posix.c:1.70.2.3.2.11 Thu Jan 11 02:33:07 2007 +++ php-src/ext/posix/posix.c Fri Jan 12 01:46:11 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: posix.c,v 1.70.2.3.2.11 2007/01/11 02:33:07 pollita Exp $ */ +/* $Id: posix.c,v 1.70.2.3.2.12 2007/01/12 01:46:11 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -147,7 +147,7 @@ static PHP_MINFO_FUNCTION(posix) { php_info_print_table_start(); - php_info_print_table_row(2, "Revision", "$Revision: 1.70.2.3.2.11 $"); + php_info_print_table_row(2, "Revision", "$Revision: 1.70.2.3.2.12 $"); php_info_print_table_end(); } /* }}} */ @@ -555,8 +555,8 @@ zval **z_fd; char *p; int fd; -#if HAVE_TTYNAME_R - size_t buflen; +#if defined(ZTS) && defined(HAVE_TTYNAME_R) && defined(_SC_TTY_NAME_MAX) + long buflen; #endif if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z", &z_fd) == FAILURE) { @@ -573,8 +573,11 @@ convert_to_long_ex(z_fd); fd = Z_LVAL_PP(z_fd); } -#if HAVE_TTYNAME_R +#if defined(ZTS) && defined(HAVE_TTYNAME_R) && defined(_SC_TTY_NAME_MAX) buflen = sysconf(_SC_TTY_NAME_MAX); + if (buflen < 1) { + RETURN_FALSE; + } p = emalloc(buflen); if (ttyname_r(fd, p, buflen)) { @@ -822,9 +825,9 @@ char *name; struct group *g; int name_len; -#if HAVE_GETGRNAM_R +#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX) struct group gbuf; - int buflen; + long buflen; char *buf; #endif @@ -832,8 +835,11 @@ RETURN_FALSE; } -#if HAVE_GETGRNAM_R +#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX) buflen = sysconf(_SC_GETGR_R_SIZE_MAX); + if (buflen < 1) { + RETURN_FALSE; + } buf = emalloc(buflen); g = &gbuf; @@ -855,7 +861,7 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to convert posix group to array"); RETVAL_FALSE; } -#if HAVE_GETGRNAM_R +#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX) efree(buf); #endif } @@ -870,7 +876,7 @@ int ret; struct group _g; struct group *retgrptr; - int grbuflen; + long grbuflen; char *grbuf; #endif struct group *g; @@ -932,9 +938,9 @@ struct passwd *pw; char *name; int name_len; -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) struct passwd pwbuf; - int buflen; + long buflen; char *buf; #endif @@ -942,8 +948,11 @@ RETURN_FALSE; } -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) buflen = sysconf(_SC_GETPW_R_SIZE_MAX); + if (buflen < 1) { + RETURN_FALSE; + } buf = emalloc(buflen); pw = &pwbuf; @@ -965,7 +974,7 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to convert posix passwd struct to array"); RETVAL_FALSE; } -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) efree(buf); #endif } @@ -976,10 +985,10 @@ PHP_FUNCTION(posix_getpwuid) { long uid; -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) struct passwd _pw; struct passwd *retpwptr = NULL; - int pwbuflen; + long pwbuflen; char *pwbuf; int ret; #endif @@ -988,8 +997,11 @@ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &uid) == FAILURE) { RETURN_FALSE; } -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + if (pwbuflen < 1) { + RETURN_FALSE; + } pwbuf = emalloc(pwbuflen); ret = getpwuid_r(uid, &_pw, pwbuf, pwbuflen, &retpwptr); @@ -1012,7 +1024,7 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to convert posix passwd struct to array"); RETVAL_FALSE; } -#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) +#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) efree(pwbuf); #endif } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.492&r2=1.2027.2.547.2.493&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.492 php-src/NEWS:1.2027.2.547.2.493 --- php-src/NEWS:1.2027.2.547.2.492 Thu Jan 11 16:47:32 2007 +++ php-src/NEWS Fri Jan 12 01:46:11 2007 @@ -4,6 +4,7 @@ - Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara) - Improved proc_open(). Now on Windows it can run external commands not through CMD.EXE. (Dmitry) +- Fixed bug #40098 (php_fopen_primary_script() not thread safe). (Ilia) - Fixed bug #40091 (spl_autoload_register with 2 instances of the same class). (Ilia) - Fixed bug #40083 (milter SAPI functions always return false/null). (Tony)
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php