#34957 [NEW]: PHP5 ignores any kind of ACL including FS ACL, AFS ACL or trustees (PHP4 works)

[cunha17 at gmail dot com]

From: cunha17 at gmail dot com
Operating system: debian sarge kernel 2.6
PHP version:  6CVS-2005-10-22 (CVS)
PHP Bug Type: Filesystem function related
Bug description:  PHP5 ignores any kind of ACL including FS ACL, AFS ACL or 
trustees (PHP4 works)

Description:

This bug only exists at PHP5 branch. PHP4 works just fine.
This patch which was provided by [EMAIL PROTECTED] fixes these bugs:
  - Bug #14923 is_readable, is_writable, is_executable fail on POSIX ACL
based filesystems (this bug is ancient and is fixed in PHP4 branch, but
not fixed on PHP5 branch - regression test problems ?)
  - Bug #30931 is_writable() and is_readable() return false when access is
permit (this bug is marked as no feedback so that's why I opened this bug
report)
  - This bug report itself

Reproduce code:
---
\n";
echo $file.' is '.(is_writable($file) ? '' : 'NOT ')."writable!\n";
?>

The POSIX ACL on test.php:
$ getfacl test.php
# file: test.php
# owner: root
# group: root
user::rw-
user:swishe:rwx
group::---
mask::rwx
other::---


Expected result:

Logged in as user swishe and using PHP CLI:

host:/var$ php test.php
test.php is readable!
test.php is writable!


Actual result:
--
Logged in as user swishe and using PHP CLI:

host:/var$ php test.php
test.php is NOT readable!
test.php is NOT writable!

Here is the patch provided by [EMAIL PROTECTED] at Bug #30931 which fixes
this problem. I tested it over XFS and AFS. 

Index: ext/standard/filestat.c
===
RCS file: /repository/php-src/ext/standard/filestat.c,v
retrieving revision 1.137
diff -u -r1.137 filestat.c
--- ext/standard/filestat.c 23 Aug 2005 12:53:23 -  1.137
+++ ext/standard/filestat.c 22 Oct 2005 14:06:23 -
@@ -543,6 +543,7 @@
 #define IS_LINK_OPERATION(__t) ((__t) == FS_TYPE || (__t) == FS_IS_LINK
|| (__t) == FS_LSTAT)
 #define IS_EXISTS_CHECK(__t) ((__t) == FS_EXISTS  || (__t) == FS_IS_W ||
(__t) == FS_IS_R || (__t) == FS_IS_X || (__t) == FS_IS_FILE || (__t) ==
FS_IS_DIR || (__t) == FS_IS_LINK)
 #define IS_ABLE_CHECK(__t) ((__t) == FS_IS_R || (__t) == FS_IS_W || (__t)
== FS_IS_X)
+#define IS_ACCESS_CHECK(__t) (IS_ABLE_CHECK(type) || (__t) == FS_EXISTS)

 /* {{{ php_stat
  */
@@ -552,6 +553,7 @@
*stat_size, *stat_atime, *stat_mtime, *stat_ctime,
*stat_blksize, *stat_blocks;
struct stat *stat_sb;
php_stream_statbuf ssb;
+   char * local_path;
int flags = 0, rmask=S_IROTH, wmask=S_IWOTH, xmask=S_IXOTH; /*
access rights defaults to other */
char *stat_sb_names[13]={"dev", "ino", "mode", "nlink", "uid",
"gid", "rdev",
  "size", "atime", "mtime", "ctime",
"blksize", "blocks"};
@@ -559,7 +561,21 @@
if (!filename_length) {
RETURN_FALSE;
}
-
+#ifndef NETWARE
+   if (IS_ACCESS_CHECK(type) &&
+   !php_stream_locate_url_wrapper(filename, &local_path,
STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC)) {
+   switch(type) {
+   case FS_EXISTS:
+   RETURN_BOOL(access(local_path, F_OK) ==
0);
+   case FS_IS_W:
+   RETURN_BOOL(access(local_path, W_OK) ==
0);
+   case FS_IS_X:
+   RETURN_BOOL(access(local_path, X_OK) ==
0);
+   case FS_IS_R:
+   RETURN_BOOL(access(local_path, R_OK) ==
0);
+   }
+   }
+#endif
if (IS_LINK_OPERATION(type)) {
flags |= PHP_STREAM_URL_STAT_LINK;
}


-- 
Edit bug report at http://bugs.php.net/?id=34957&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=34957&r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=34957&r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=34957&r=trysnapshot51
Fixed in CVS:http://bugs.php.net/fix.php?id=34957&r=fixedcvs
Fixed in release:http://bugs.php.net/fix.php?id=34957&r=alreadyfixed
Need backtrace:  http://bugs.php.net/fix.php?id=34957&r=needtrace
Need Reproduce Script:   http://bugs.php.net/fix.php?id=34957&r=needscript
Try newer version:   http://bugs.php.net/fix.php?id=34957&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=34957&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=34957&r=notwrong
Not enough info: 
http://bugs.php.net/fix.php?id=34957&r=notenoughinfo
Submitted twice: 
http://bugs.php.net/fix.php?id=34957&r=submittedtwice
register_globals:http://bugs.php.ne

#30931 [Com]: is_writable() and is_readable() return false when access is permitted via ACL

[cunha17 at gmail dot com]

 ID:   30931
 Comment by:   cunha17 at gmail dot com
 Reported By:  bugzilla-php at bwurst dot org
 Status:   No Feedback
 Bug Type: Filesystem function related
 Operating System: gentoo linux (kernel 2.6)
 PHP Version:  5.0.2
 New Comment:

PHP should not try to calculate permissions because only the Operating
System can do it right. As someone pointed out, PHP is ignoring my
POSIX ACL and Trustees too.


Previous Comments:


[2005-09-02 23:01:48] 1 at 234 dot cx

I was just wondering if anyone can review the patch which has been
posted here.  This seems to be a well defined bug with a patch that
solves the problem, is there any reason not to check it in?

If there *is* a reason not to check the patch in, I am sure one of us
will work on improving it.  Before we can do this, though, we need a
clue what issues people see with the patch as it stands.



[2005-08-26 03:03:50] matthew at acintrix dot net

I too am expierencing this bug on Fedora Core 4 with PHP 
5.0.4.



[2005-08-08 18:18:11] ka at pacific dot net

Same bug found here in 5.04 on Fedora Core 4 with modphp
Symptom: modphp cannot write to files even if they are `chmod 777`, if
there is an acl for apache on the file.



[2005-06-15 23:51:26] 1 at 234 dot cx

I don't know if this is useful to anyone, but this seems to be a
regression of bug #14923, which was fixed back in 2002.

I have just experienced the bug on Fedora 4.  I tried JR's patch, and
that solves the problem for me.

Thanks,
Pete



[2005-06-12 16:16:35] jr at terragate dot net

I've written a patch to address this issue.

It uses POSIX's access function to determine file 
permissions.

I tested this patch on Mac OS 10.4.1, Windows XP SP2 and 
FreeBSD 5.2.1.

I am not sure if this patch also works for Win 9x (maybe 
R_OK, W_OK etc. are not defined there) and other non POSIX 
conformant OSes. Probably some more #ifndefs are required.

http://jr.terragate.net/access.diff



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/30931

-- 
Edit this bug report at http://bugs.php.net/?id=30931&edit=1

#28306 [Fbk->Csd]: PHP5-rc2 coredumps with Smarty-2.6.2, error handler and exceptions

[cunha17 at gmail dot com]

 ID:   28306
 User updated by:  cunha17 at gmail dot com
-Reported By:  cunha17 at uol dot com dot br
+Reported By:  cunha17 at gmail dot com
-Status:   Feedback
+Status:   Closed
 Bug Type: Reproducible crash
 Operating System: Redhat Linux 9/Fedora Core 1
 PHP Version:  5CVS-2004-05-06 (dev)
 New Comment:

This BUG is not present in current CVS anymore.
Thanx.


Previous Comments:


[2005-01-15 00:21:36] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip





[2004-05-19 15:25:53] cunha17 at uol dot com dot br

Using the gdb's "next" command, I could get an useful backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x in ?? ()
(gdb) bt
#0  0x in ?? ()
#1  0x0819c798 in execute (op_array=0x4076e378, tsrm_ls=0x8203200)
at /usr/src/zend2/php-src/Zend/zend_execute.c:1391
#2  0x0819fd9b in zend_do_fcall_common_helper
(execute_data=0xbfffd110,
opline=0x4076e174, op_array=0x4076f0a0, tsrm_ls=0x8203200)
at /usr/src/zend2/php-src/Zend/zend_execute.c:2728
#3  0x0819c798 in execute (op_array=0x4076f0a0, tsrm_ls=0x8203200)
at /usr/src/zend2/php-src/Zend/zend_execute.c:1391
#4  0x0819fd9b in zend_do_fcall_common_helper
(execute_data=0xbfffd340,
opline=0x40505dfc, op_array=0x40505520, tsrm_ls=0x8203200)
at /usr/src/zend2/php-src/Zend/zend_execute.c:2728
#5  0x0819c798 in execute (op_array=0x40505520, tsrm_ls=0x8203200)
at /usr/src/zend2/php-src/Zend/zend_execute.c:1391
#6  0x081803ec in zend_execute_scripts (type=8, tsrm_ls=0x8203200,
retval=0x0,
file_count=3) at /usr/src/zend2/php-src/Zend/zend.c:1058
#7  0x0814a191 in php_execute_script (primary_file=0xb710,
tsrm_ls=0x8203200) at /usr/src/zend2/php-src/main/main.c:1630
#8  0x081a7f8a in main (argc=2, argv=0xb794)
at /usr/src/zend2/php-src/sapi/cli/php_cli.c:943
#9  0x403d0a67 in __libc_start_main () from /lib/i686/libc.so.6



[2004-05-07 23:40:04] cunha17 at uol dot com dot br

I can't generate the backtrace. My php(cli) is already compiled with
--enable-debug and I recompiled it with only these options:
./configure --enable-debug --enable-cli

When running:
# gdb /usr/local/bin/php core.8971

I get:
GNU gdb Red Hat Linux (5.3.90-0.20030710.41rh)
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and
you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host
libthread_db library "/lib/tls/libthread_db.so.1".

Core was generated by `/usr/local/bin/php exception_bug.php'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/tls/libpthread.so.0...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
0x in ?? ()

The backtrace command returns:

(gdb) bt
#0  0x in ?? ()

I don't know what else I can do. Any hints ?

Cristiano Duarte



[2004-05-06 20:00:34] [EMAIL PROTECTED]

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.



[2004-05-06 19:58:05] cunha17 at uol dot com dot br

The debug_backtrace() just before the segmentation fault:

Array
(
[0] => Array
(
[file] =>
/ho