From 91aa9e2bf984ea063fc4bbac160796145cae65f0 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Tue, 10 Feb 2009 14:22:19 +0000 Subject: [PATCH] MFB: Added path truncation E_NOTICE to let people now when path resolving caused the file path to be truncated. --- main/fopen_wrappers.c | 4 +++- main/streams/plain_wrapper.c | 8 ++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index f11ea9fbe42..6319e7b7b4b 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -636,7 +636,9 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c *end = '\0'; end++; } - snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); + if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN); + } fp = php_fopen_and_set_opened_path(trypath, mode, opened_path TSRMLS_CC); if (fp) { diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 85f5238e255..035ef24cc8f 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -1289,7 +1289,9 @@ not_relative_path: /* getcwd() will return always return [DRIVE_LETTER]:/) on windows. */ *(cwd+3) = '\0'; - snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename); + if (snprintf(trypath, MAXPATHLEN, "%s%s", cwd, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", cwd, filename, MAXPATHLEN); + } free(cwd); @@ -1341,7 +1343,9 @@ not_relative_path: if (*ptr == '\0') { goto stream_skip; } - snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename); + if (snprintf(trypath, MAXPATHLEN, "%s/%s", ptr, filename) > MAXPATHLEN) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "%s/%s path was truncated to %d", ptr, filename, MAXPATHLEN); + } if (((options & STREAM_DISABLE_OPEN_BASEDIR) == 0) && php_check_open_basedir_ex(trypath, 0 TSRMLS_CC)) { goto stream_skip;