Hi Dmitry,
On Fri, Aug 8, 2008 at 5:52 PM, Dmitry Stogov <[EMAIL PROTECTED]> wrote:
> Hi,
>
> The attached patch is going to fix the problem.
> It implements its own realpath() function, so we won't depend on system
> anymore. It also improve realpath cache usage by caching intermediate
> results.
>
> I tested it on Linux and Windows only and it seems to work without
> problems. It breaks one test related to clearstatcache() function, but
> this break is expected.
>
> Could you please test it.
I can test it asap on various windows, probably on Monday.
After a quick review, it seems that FindClose is missing in the two
buffer overflow check.
> - state->cwd_length += ptr_length;
> +#ifdef TSRM_WIN32
> + if ((hFind = FindFirstFile(to, &data)) !=
> INVALID_HANDLE_VALUE) {
> +fprintf(stderr, "1 %s (%d)\n", to, len);
> + j = strlen(data.cFileName);
> +
> + i = len;
> + while (!IS_SLASH(to[i-1])) {
> + i--;
> + }
> + if (i + j >= MAXPATHLEN-1) {
> + /*buffer overflow */
FindClose(hFind);
> + return NULL;
> + }
> + if (CWDG(realpath_cache_size_limit)) {
> + memcpy(tmp, to, i);
> + memcpy(tmp + i, data.cFileName, j + 1);
> + realpath_cache_add(to, len, tmp, i + j, t
> TSRMLS_CC);
> + }
> + ret -= (j + 1);
> + if (ret < buf) {
> + /* buffer overflow */
FindClose(hFind);
> + return NULL;
> + }
> + *ret = DEFAULT_SLASH;
> + memcpy(ret+1, data.cFileName, j);
> + FindClose(hFind);
> + len = i - 1;
> + to[len] = 0;
> +fprintf(stderr, "2 %s - %s\n", to, ret);
> + continue;
> + } else {
> + if (use_realpath == CWD_REALPATH) {
> + return NULL;
> + } else {
> + goto next_dir;
> }
> - ptr = tsrm_strtok_r(NULL, TOKENIZER_STRING, &tok);
> }
Thanks for your work!
--
Pierre
http://blog.thepimp.net | http://www.libgd.org
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
