Actions
Bug #103943
closed
is_dir() check with trailing slash violates open_basedir restriction if node is a file
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
File Abstraction Layer (FAL)
Target version:
-
Start date:
2024-05-28
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
If a folder is tried to be created where currently a file is located, the following open_basedir warning is emitted:
PHP Warning: is_dir(): open_basedir restriction in effect. File(/srv/vhosts/…/site/mage/releases/…/public/fileadmin/…/) is not within the allowed path(s): (/srv/vhosts/…/site/:/usr/share/php/:/tmp/:/usr/bin/:/bin/:/usr/local/bin/:/usr/local/lib/) in /srv/vhosts/…/site/mage/releases/…/public/typo3/sysext/core/Classes/Utility/GeneralUtility.php line 1920
This can be verified via:
<?php
file_put_contents('foobar', '');
ini_set('open_basedir', __DIR__);
// OK
var_dump(is_file(__DIR__ . '/foobar'));
// OK
var_dump(is_dir(__DIR__ . '/foobar'));
// Not OK, warning
var_dump(is_dir(__DIR__ . '/foobar/'));
Updated by Gerrit Code Review 6 months ago
- Status changed from New to Under Review
Patch set 1 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/84437
Updated by Gerrit Code Review 6 months ago
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/84452
Updated by Gerrit Code Review 6 months ago
Patch set 1 for branch 12.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/84461
Updated by Benjamin Franzke 6 months ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset cef0b7d187ef8c4026abf826316a2e85596e76c7.
Updated by
Actions