From 4eee81b50944033b6f0a1069d64229df6414271d Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Thu, 30 Nov 2023 20:43:50 +0100 Subject: [PATCH] Fix GH-12838: [SOAP] Temporary WSDL cache files not being deleted If there are two users that can execute the script that caches a WSDL, but the script is owned by a single user, then the caching code will name the cached file with the file owner username and a hash of the uri. When one of the two tries to rename the file created by the other process, this does not work because it has no permission to do so. This then leaves temporary files floating in the temp directory. To fix the immediate problem, unlink the file after rename has failed. On the long term, this has to be fixed by taking the username of the process instead of the username of the file owner. Closes GH-12841. --- NEWS | 4 ++++ ext/soap/php_sdl.c | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 56aa5d51bb2..ceda8d103ca 100644 --- a/NEWS +++ b/NEWS @@ -56,6 +56,10 @@ PHP NEWS - PHPDBG: . Fixed bug GH-12675 (MEMORY_LEAK in phpdbg_prompt.c). (nielsdos) +- SOAP: + . Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted). + (nielsdos) + - SPL: . Fixed bug GH-12721 (SplFileInfo::getFilename() segfault in combination with GlobIterator and no directory separator). (nielsdos) diff --git a/ext/soap/php_sdl.c b/ext/soap/php_sdl.c index 5c833dc45cf..749f5a5685e 100644 --- a/ext/soap/php_sdl.c +++ b/ext/soap/php_sdl.c @@ -2381,7 +2381,9 @@ static void add_sdl_to_cache(const char *fn, const char *uri, time_t t, sdlPtr s /* Make sure that incomplete files (e.g. due to disk space issues, see bug #66150) are not utilised. */ if (valid_file) { /* This is allowed to fail, this means that another process was raced to create the file. */ - (void) VCWD_RENAME(ZSTR_VAL(temp_file_path), fn); + if (VCWD_RENAME(ZSTR_VAL(temp_file_path), fn) < 0) { + VCWD_UNLINK(ZSTR_VAL(temp_file_path)); + } } smart_str_free(&buf);