diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2020-08-05 11:27:13 +0200 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-08-07 10:33:27 +0200 |
| commit | 3bb183036976fc8bfdf039b41efe1e4312894937 (patch) | |
| tree | b93b620b9e10f0022d581b0bcc05af6ce69b9b4a | |
| parent | 7c8467562d4bc6f04047c0a32a91c95042f60f34 (diff) | |
| download | php-git-3bb183036976fc8bfdf039b41efe1e4312894937.tar.gz | |
Reapply "Explicitly validate popen mode"
To avoid behavior differences due to libc. This time with the
check only for the non-win32 case, as Windows support additional
modifiers here (t/b).
| -rw-r--r-- | ext/standard/file.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ext/standard/file.c b/ext/standard/file.c index 98578376b0..058d78688d 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -930,8 +930,16 @@ PHP_FUNCTION(popen) char *z = memchr(posix_mode, 'b', mode_len); if (z) { memmove(z, z + 1, mode_len - (z - posix_mode)); + mode_len--; } } + + /* Musl only partially validates the mode. Manually check it to ensure consistent behavior. */ + if (mode_len != 1 || (*posix_mode != 'r' && *posix_mode != 'w')) { + php_error_docref2(NULL, command, posix_mode, E_WARNING, "Invalid mode"); + efree(posix_mode); + RETURN_FALSE; + } #endif fp = VCWD_POPEN(command, posix_mode); |