Project

General

Profile

Bug #8009

glob() in php works buggy with installed g++ 6.4 and "/../" in pattern

Added by Anonymous about 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
10/17/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

Expected (alpine:3.6):
docker run --rm -it alpine:3.6 sh 
/ # apk update >> /dev/null && \
>     apk add php5-cli >> /dev/null && \
>     php5 -r "var_dump(glob('/etc/apk/*')); var_dump(glob('/etc/apk/keys/../*'));" && \
>     apk add g++ >> /dev/null && \
>     php5 -r "var_dump(glob('/etc/apk/*')); var_dump(glob('/etc/apk/keys/../*'));" 
array(5) {
  [0]=>
  string(13) "/etc/apk/arch" 
  [1]=>
  string(13) "/etc/apk/keys" 
  [2]=>
  string(26) "/etc/apk/protected_paths.d" 
  [3]=>
  string(21) "/etc/apk/repositories" 
  [4]=>
  string(14) "/etc/apk/world" 
}
array(5) {
  [0]=>
  string(21) "/etc/apk/keys/../arch" 
  [1]=>
  string(21) "/etc/apk/keys/../keys" 
  [2]=>
  string(34) "/etc/apk/keys/../protected_paths.d" 
  [3]=>
  string(29) "/etc/apk/keys/../repositories" 
  [4]=>
  string(22) "/etc/apk/keys/../world" 
}
array(5) {
  [0]=>
  string(13) "/etc/apk/arch" 
  [1]=>
  string(13) "/etc/apk/keys" 
  [2]=>
  string(26) "/etc/apk/protected_paths.d" 
  [3]=>
  string(21) "/etc/apk/repositories" 
  [4]=>
  string(14) "/etc/apk/world" 
}
array(5) {
  [0]=>
  string(21) "/etc/apk/keys/../arch" 
  [1]=>
  string(21) "/etc/apk/keys/../keys" 
  [2]=>
  string(34) "/etc/apk/keys/../protected_paths.d" 
  [3]=>
  string(29) "/etc/apk/keys/../repositories" 
  [4]=>
  string(22) "/etc/apk/keys/../world" 
}

Actual(edge):
docker run --rm -it alpine:edge sh
/ # apk update >> /dev/null && \
>     apk add php5-cli >> /dev/null && \
>     php5 -r "var_dump(glob('/etc/apk/*')); var_dump(glob('/etc/apk/keys/../*'));" && \
>     apk add g++ >> /dev/null && \
>     php5 -r "var_dump(glob('/etc/apk/*')); var_dump(glob('/etc/apk/keys/../*'));" 

array(5) {
  [0]=>
  string(13) "/etc/apk/arch" 
  [1]=>
  string(13) "/etc/apk/keys" 
  [2]=>
  string(26) "/etc/apk/protected_paths.d" 
  [3]=>
  string(21) "/etc/apk/repositories" 
  [4]=>
  string(14) "/etc/apk/world" 
}
array(5) {
  [0]=>
  string(21) "/etc/apk/keys/../arch" 
  [1]=>
  string(21) "/etc/apk/keys/../keys" 
  [2]=>
  string(34) "/etc/apk/keys/../protected_paths.d" 
  [3]=>
  string(29) "/etc/apk/keys/../repositories" 
  [4]=>
  string(22) "/etc/apk/keys/../world" 
}
array(5) {
  [0]=>
  string(13) "/etc/apk/arch" 
  [1]=>
  string(13) "/etc/apk/keys" 
  [2]=>
  string(26) "/etc/apk/protected_paths.d" 
  [3]=>
  string(21) "/etc/apk/repositories" 
  [4]=>
  string(14) "/etc/apk/world" 
}
array(0) {
}

Associated revisions

Revision 39bfeece (diff)
Added by Timo Teräs about 1 year ago

main/musl: fix glob regression

likely fixes #8009

History

#1 Updated by Timo Teräs about 1 year ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Natanael Copa about 1 year ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF