ID: 19650 User updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Bogus +Status: Open Bug Type: Scripting Engine problem Operating System: Windows PHP Version: 4.2.3 New Comment:
Wow... I'm a fool, I have tested wrong PHP version! Error is still actual. But now I think I have found the bug place. File main/fopen_wrappers.c, in function php_fopen_with_path, we can see a piece of code: if (IS_ABSOLUTE_PATH(filename, filename_length)) { if ((php_check_safe_mode_include_dir(filename TSRMLS_CC)) == 0) /* filename is in safe_mode_include_dir (or subdir) */ return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); if (PG(safe_mode) && (!php_checkuid(filename, mode, CHECKUID_CHECK_MODE_PARAM))) return NULL; return php_fopen_and_set_opened_path(filename, mode, opened_path TSRMLS_CC); } /* else start to glue path from include_path */ ... Under Windows IS_ABSOLUTE_PATH is: #define IS_ABSOLUTE_PATH(path, len) \ (len >= 2 && isalpha(path[0]) && path[1] == ':') Of course, when Apache's mod_php4 makes "include" request for "/home/localhost/www/phpinfo.php", program DOES NOT get into "if" statement! And we get pathes something like ".//home/localhost/www/phpinfo.php" and "c:/php/pear//home/localhost/www/phpinfo.php" when include_path=".;c:/php/pear" (I have dumped "path" argument of virtual_fopen function [tsrm_virtual-cwd.c] to watch such pathes). We cannot modify IS_ABSOLUTE_PATH macro, because there is #define COPY_WHEN_ABSOLUTE 2 before it, and core always think that "absolute" part contains 2 characters - we'd like to thank developers of windows port for that :-(. Path "/some/path" contains NONE "absolute" characters ("z:/some/path" contains two - "z:"). But, if we patch: - if (IS_ABSOLUTE_PATH(filename, filename_length)) { + if (IS_ABSOLUTE_PATH(filename, filename_length) + || IS_SLASH(*filename)) { PHP begins to work! I don't know would it cause a security problem with safe_mode. Code is too tangled and duplicated (somebody likes "copy+paste" technique of programming, I suppose). Please correct this bug in next PHPs. Now I will patch it "by hands", but I don't want our users to cry when they would install newer version and it begin to trash. Previous Comments: ------------------------------------------------------------------------ [2002-10-05 18:49:02] [EMAIL PROTECTED] Of course, not OK (-; File c:\t.php: <?php include "/test.php" ?> File c:\test.php: <?php echo "!" ?> c:\php> php.exe -q < c:\t.php <br /> <b>Warning</b>: Failed opening '/test.php' for inclusion (include_path='.;c:\php4\pear') in <b>-</b> on line <b>2</b><br /> c:\php> php.exe -q c:\t.php ! Strange, isn't it?.. Good "/test.php", or not good, when I write DocumentRoot /home/localhost/www in httpd.conf, and then GET /phpinfo.php HTTP/1.1 Apache calls /home/localhost/www/phpinfo.php, but not ./home/localhost/www (-; Well, 4.2.3 processes it correctly (and we may close this bug report), but... I meant that PHP 4.2.3 still have something wrong in its code, because absolute-slashed pathes do not work sometimes (like in "< script", maybe somewhere else?). Here, in Russia, we saying in such cases: "Heh, something's wrong in Danish kingdom". (-; Today I tried to debug it, but have not found a bug place. Maybe next time. Good luck. ------------------------------------------------------------------------ [2002-10-05 16:07:37] [EMAIL PROTECTED] <?include "/test.php"?> is not good this is better: <?php include ("./test.php"); ?> ok? ------------------------------------------------------------------------ [2002-10-05 15:35:28] [EMAIL PROTECTED] New information about this bug. 1. Since version PHP 4.2.3 bug is "changed": File /t.php AND ./t.php (identical): <?include "/test.php"?> Tests: a) > php.exe c:\t.php - works b) > php.exe \t.php - works c) > php.exe /t.php - works d) > php.exe <?include "/test.php"?> ^Z - DOES NOT work. In version 4.1.2...4.2.2 a, b & c are not working. 2. Versions <= 4.1.1 work correctly. So, I think there is only an error if PHP.exe v4.2.3+ gets program from STDIN. Previous versions (<4.2.3) do not work with command-line filename too. ------------------------------------------------------------------------ [2002-10-01 10:49:52] [EMAIL PROTECTED] A) same problem b) same submitter -> bogus ------------------------------------------------------------------------ [2002-10-01 10:42:38] [EMAIL PROTECTED] Dup not bogus ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/19650 -- Edit this bug report at http://bugs.php.net/?id=19650&edit=1