archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 13:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
php-src/ext/standard
History
Exact
Niels Dossche 39c1a90f4a
Fix GHSA-9fcc-425m-g385: bypass CVE-2024-1874 
The old code checked for suffixes but didn't take into account trailing
whitespace. Furthermore, there is peculiar behaviour with trailing dots
too. This all happens because of the special path-handling code inside
CreateProcessW.

By studying Wine's code, we can see that CreateProcessInternalW calls
get_file_name [1] in our case because we haven't provided an application
name. That code gets the first whitespace-delimited string into app_name
excluding the quotes. It's then passed to create_process_params [2]
where there is the path handling code that transforms the command line
argument to an image path [3]. Inside Wine, the extension check if
performed after these transformations [4]. By doing the same thing in
PHP we match the behaviour and can properly match the extension even in
the given edge cases.

[1] 166895ae3a/dlls/kernelbase/process.c (L542-L543)
[2] 166895ae3a/dlls/kernelbase/process.c (L565)
[3] 166895ae3a/dlls/kernelbase/process.c (L150-L151)
[4] 166895ae3a/dlls/kernelbase/process.c (L647-L654)
2024-06-04 08:55:36 -04:00
..
html_tables Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
libavifinfo Implement php_handle_avif() using libavifinfo 2021-12-15 20:27:40 +01:00
tests Fix GHSA-9fcc-425m-g385: bypass CVE-2024-1874 2024-06-04 08:55:36 -04:00
array.c Forgotten piece of GH-13309/GH-13310 previous PR 2024-02-03 13:22:45 +00:00
assert.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
base64.c Windows arm64 zend and standard extension support 2022-08-09 12:45:14 +02:00
base64.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
basic_functions.c Fix bug #75712: getenv in php-fpm should not read $_ENV, $_SERVER 2024-02-04 11:58:18 +00:00
basic_functions.h Implement Random Extension 2022-07-19 10:27:38 +01:00
basic_functions.stub.php Remove CTE flag from array_diff_ukey(), which was added by mistake 2023-03-15 21:40:11 +01:00
basic_functions_arginfo.h Revert "Fix GH-9967 Add support for generating custom function, class const, and property attributes in stubs" 2023-07-04 09:11:14 +02:00
browscap.c Fix GH-12621: browscap segmentation fault when configured in the vhost 2023-11-22 20:39:28 -06:00
config.m4 Fix GH-13727: macro generating invalid call test prototypes fixes. 2024-03-18 06:53:39 +00:00
config.w32 Windows arm64 build system support 2022-08-09 16:22:14 +02:00
crc32.c crc32 Aarch64 add crc feature to crc32_aarch64 from clang 2022-07-22 12:46:11 +01:00
crc32.h phar: crc32: Extend and cleanup API for the new bulk crc32 functions 2021-07-03 21:03:47 +02:00
crc32_x86.c Zend/zend_cpuinfo, ext/standard/crc32_x86: fix -Wstrict-prototypes 2023-02-07 22:47:43 +00:00
crc32_x86.h X86: Fast CRC32 computation using PCLMULQDQ instruction 2020-09-02 15:10:41 +02:00
credits.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
credits.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
credits_ext.h Run scripts/dev/credits 2022-07-19 17:45:15 +02:00
credits_sapi.h
crypt.c Merge branch 'PHP-8.1' into PHP-8.2 2023-02-12 21:34:10 -07:00
crypt_blowfish.c crypt: Fix validation of malformed BCrypt hashes 2023-02-12 20:46:44 -07:00
crypt_blowfish.h Clean house in cryptographic hashing code 2020-06-24 13:40:27 +02:00
crypt_freesec.c Use standard C99 uint8_t type instead of u_char type for crypt_freesec (#8610) 2022-05-23 19:06:41 +01:00
crypt_freesec.h Use standard C99 uint8_t type instead of u_char type for crypt_freesec (#8610) 2022-05-23 19:06:41 +01:00
crypt_sha256.c Follow up on #8897 but on master which instead does not use the old custom alloca. 2022-07-04 12:56:01 +01:00
crypt_sha512.c Follow up on #8897 but on master which instead does not use the old custom alloca. 2022-07-04 12:56:01 +01:00
css.c phpinfo HTML Output: Make module title names clickable and link to the URL fragment 2022-07-20 17:18:34 +02:00
css.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
datetime.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
datetime.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
dir.c Fix bug #65489: glob() basedir check is inconsistent 2022-08-02 18:36:29 +01:00
dir.stub.php Declare Directory properties 2021-08-19 10:39:23 +02:00
dir_arginfo.h Declare Directory properties 2021-08-19 10:39:23 +02:00
dl.c Merge branch 'PHP-8.1' into PHP-8.2 2023-09-20 20:58:08 +02:00
dl.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
dl.stub.php Add stubs for some SAPIs 2020-05-14 13:35:12 +02:00
dl_arginfo.h Include stub hash in generated arginfo files 2020-06-24 09:55:19 +02:00
dns.c Declare ext/standard constants in stubs - part 5 2022-09-02 15:04:49 +02:00
dns_win32.c Declare ext/standard constants in stubs - part 5 2022-09-02 15:04:49 +02:00
exec.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
exec.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
file.c Merge branch 'PHP-8.1' into PHP-8.2 2023-08-08 09:51:02 +01:00
file.h Make php_fgetcsv() return a HashTale instead of in-out zval param (#8936) 2022-07-08 12:11:05 +01:00
file.stub.php Fix GH-9518: Disabling IPv6 support disables unrelated constants 2022-09-10 18:12:22 +02:00
file_arginfo.h Fix GH-9518: Disabling IPv6 support disables unrelated constants 2022-09-10 18:12:22 +02:00
filestat.c Fix some MSAN complaints under Clang (#8553) 2022-05-13 23:30:20 +01:00
filters.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
flock_compat.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
flock_compat.h Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
formatted_print.c Merge branch 'PHP-8.0' into PHP-8.1 2021-09-29 12:21:49 +02:00
fsock.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
fsock.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
ftok.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
ftp_fopen_wrapper.c Merge branch 'PHP-8.1' into PHP-8.2 2023-06-27 17:54:39 +02:00
head.c Simplify and move check for too high expiry time, which you can't reach on 32bit systems 2022-08-11 16:27:25 +01:00
head.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
hrtime.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
hrtime.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
html.c Merge branch 'PHP-8.1' into PHP-8.2 2023-01-25 00:10:56 +00:00
html.h Refactor php_next_utf8_char() to use zend_result 2022-03-13 13:48:21 +00:00
html_tables.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
http.c Reduce memory allocated by var_export, json_encode, serialize, and other (#8902) 2022-07-08 14:47:46 +02:00
http_fopen_wrapper.c Merge branch 'PHP-8.1' into PHP-8.2 2023-05-19 23:43:02 +02:00
image.c Fix undefined behavior (left shift of negative number) 2024-05-06 09:49:41 +03:00
incomplete_class.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
info.c Merge branch 'PHP-8.1' into PHP-8.2 2023-03-03 11:45:50 +01:00
info.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
iptc.c Fix some MSAN complaints under Clang (#8553) 2022-05-13 23:30:20 +01:00
levenshtein.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
link.c Fix some MSAN complaints under Clang (#8553) 2022-05-13 23:30:20 +01:00
mail.c Added validation of \n in $additional_headers of mail() 2024-03-04 21:30:07 +09:00
Makefile.frag Revert "Remove some unnecessary explicit header dependencies" 2021-03-16 14:22:25 +01:00
Makefile.frag.w32
math.c Prevent int overflow on $decimals in number_format 2023-07-21 13:50:18 +02:00
md5.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
md5.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
metaphone.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
microtime.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
net.c Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
pack.c Merge branch 'PHP-8.1' into PHP-8.2 2023-03-28 22:43:53 +02:00
pack.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
pageinfo.c Don't initialise pointers to zend_stat_t 2022-05-22 16:13:44 +01:00
pageinfo.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
password.c Merge branch 'PHP-8.1' into PHP-8.2 2024-04-09 23:49:31 -05:00
php_array.h Declare ext/standard constants in stubs - part 1 (#9404) 2022-08-24 16:09:48 +02:00
php_assert.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_browscap.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_crypt.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_crypt_r.c Merge branch 'PHP-8.0' into PHP-8.1 2022-09-29 20:40:33 +01:00
php_crypt_r.h fix php_init_crypt_r/php_shutdown_crypt_r signatures warning. 2022-09-29 20:40:16 +01:00
php_dir.h Remove unnecessary PHP_FUNCTION() declarations (#7472) 2021-09-07 10:04:00 +02:00
php_dns.h Declare ext/standard constants in stubs - part 5 2022-09-02 15:04:49 +02:00
php_ext_syslog.h Fix memory leak in standard syslog device handling 2023-11-09 13:29:09 +00:00
php_filestat.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_fopen_wrapper.c Initialise zend_stat_t to fix MSAN build 2022-05-22 16:06:27 +01:00
php_fopen_wrappers.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_http.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_image.h Declare ext/standard constants in stubs - part 6 2022-09-02 16:07:25 +02:00
php_incomplete_class.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_lcg.h Implement Random Extension 2022-07-19 10:27:38 +01:00
php_mail.h Added validation of \n in $additional_headers of mail() 2024-03-04 21:30:07 +09:00
php_math.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_mt_rand.h Implement Random Extension 2022-07-19 10:27:38 +01:00
php_net.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_password.h Fix [-Wundef] warnings in standard extension 2022-04-01 15:48:41 +01:00
php_rand.h Fix undefined behaviour in GENERATE_SEED() 2023-03-26 16:07:39 +02:00
php_random.h Implement Random Extension 2022-07-19 10:27:38 +01:00
php_smart_string.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_smart_string_public.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_standard.h Implement Random Extension 2022-07-19 10:27:38 +01:00
php_string.h Declare ext/standard constants in stubs - part 7 (#9505) 2022-09-08 13:57:07 +02:00
php_uuencode.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_var.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
php_versioning.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
proc_open.c Fix GHSA-9fcc-425m-g385: bypass CVE-2024-1874 2024-06-04 08:55:36 -04:00
proc_open.h Refactor proc_open() implementation (#7255) 2021-08-11 14:51:55 +02:00
quot_print.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
quot_print.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
scanf.c Specify function pointer signature for scanf implementation 2021-05-12 18:58:44 +01:00
scanf.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
sha1.c Fix GH-12936: hash() function hangs endlessly if using sha512 on strings >= 4GiB 2023-12-12 19:57:06 +01:00
sha1.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
soundex.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
streamsfuncs.c Merge branch 'PHP-8.1' into PHP-8.2 2023-05-03 19:46:51 +02:00
streamsfuncs.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
string.c Merge branch 'PHP-8.1' into PHP-8.2 2023-08-24 21:07:18 +01:00
strnatcmp.c Minor refactoring of std string extension (#8196) 2022-04-23 12:15:13 +01:00
syslog.c Merge branch 'PHP-8.1' into PHP-8.2 2023-11-16 14:36:16 +00:00
type.c Don't unnecessary fetch error in is_callable() 2021-09-01 16:58:46 +02:00
uniqid.c Implement Random Extension 2022-07-19 10:27:38 +01:00
url.c Revert "Fix parse_url(): can not recognize port without scheme" 2022-09-23 19:44:29 +02:00
url.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
url_scanner_ex.h Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
url_scanner_ex.re Fix persistent local flag in session url updating (#13905) 2024-04-07 15:24:29 +02:00
user_filters.c Fix GH-13264: Part 1 - Memory leak on filter failure 2024-03-29 16:06:49 +00:00
user_filters.stub.php Declare php_user_filter::$stream property 2021-08-20 14:50:25 +02:00
user_filters_arginfo.h Revert "Fix GH-9967 Add support for generating custom function, class const, and property attributes in stubs" 2023-07-04 09:11:14 +02:00
uuencode.c Update http->https in license (#6945) 2021-05-06 12:16:35 +02:00
var.c Merge branch 'PHP-8.1' into PHP-8.2 2023-06-28 21:16:51 +02:00
var_unserializer.re unserialize: Strictly check for :{ at object start (#10214) 2023-01-12 19:55:54 +01:00
versioning.c Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
winver.h