Skip to content

Commit 3f6e956

Browse files
xabbuhxabbuh
committed
do not search in $PATH entries not allowed by open_basedir
do not filter
1 parent 5d0fa8e commit 3f6e956

File tree

2 files changed

+45
-7
lines changed

2 files changed

+45
-7
lines changed

src/Symfony/Component/Process/ExecutableFinder.php

+6-6
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,14 @@ public function addSuffix(string $suffix)
4848
*/
4949
public function find(string $name, ?string $default = null, array $extraDirs = [])
5050
{
51+
$dirs = array_merge(
52+
explode(\PATH_SEPARATOR, getenv('PATH') ?: getenv('Path')),
53+
$extraDirs
54+
);
55+
5156
if (\ini_get('open_basedir')) {
5257
$searchPath = array_merge(explode(\PATH_SEPARATOR, \ini_get('open_basedir')), $extraDirs);
53-
$dirs = [];
58+
5459
foreach ($searchPath as $path) {
5560
// Silencing against https://bugs.php.net/69240
5661
if (@is_dir($path)) {
@@ -61,11 +66,6 @@ public function find(string $name, ?string $default = null, array $extraDirs = [
6166
}
6267
}
6368
}
64-
} else {
65-
$dirs = array_merge(
66-
explode(\PATH_SEPARATOR, getenv('PATH') ?: getenv('Path')),
67-
$extraDirs
68-
);
6969
}
7070

7171
$suffixes = [''];

src/Symfony/Component/Process/Tests/ExecutableFinderTest.php

+39-1
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,13 @@ public function testFindWithOpenBaseDir()
109109
$this->markTestSkipped('Cannot test when open_basedir is set');
110110
}
111111

112-
$initialOpenBaseDir = ini_set('open_basedir', \dirname(\PHP_BINARY).\PATH_SEPARATOR.'/');
112+
$openBaseDir = \dirname(\PHP_BINARY).\PATH_SEPARATOR.sys_get_temp_dir().\PATH_SEPARATOR.getcwd();
113+
114+
if ($_SERVER['SYMFONY_PHPUNIT_DIR'] ?? null) {
115+
$openBaseDir .= \PATH_SEPARATOR.$_SERVER['SYMFONY_PHPUNIT_DIR'];
116+
}
117+
118+
$initialOpenBaseDir = ini_set('open_basedir', $openBaseDir);
113119

114120
try {
115121
$finder = new ExecutableFinder();
@@ -121,6 +127,38 @@ public function testFindWithOpenBaseDir()
121127
}
122128
}
123129

130+
/**
131+
* @runInSeparateProcess
132+
*/
133+
public function testFindWithSubdirectoryOfOpenBaseDir()
134+
{
135+
if (\ini_get('open_basedir')) {
136+
$this->markTestSkipped('Cannot test when open_basedir is set');
137+
}
138+
139+
$paths = explode(\PATH_SEPARATOR, getenv('PATH'));
140+
$phpBinaryPath = \dirname(\PHP_BINARY);
141+
142+
if (!in_array($phpBinaryPath, $paths, true)) {
143+
$paths[] = $phpBinaryPath;
144+
}
145+
146+
$this->setPath(implode(\PATH_SEPARATOR, $paths));
147+
148+
$openBaseDir = \dirname(\dirname(\PHP_BINARY)).\PATH_SEPARATOR.sys_get_temp_dir().\PATH_SEPARATOR.getcwd();
149+
150+
if ($_SERVER['SYMFONY_PHPUNIT_DIR'] ?? null) {
151+
$openBaseDir .= \PATH_SEPARATOR.$_SERVER['SYMFONY_PHPUNIT_DIR'];
152+
}
153+
154+
ini_set('open_basedir', $openBaseDir);
155+
156+
$finder = new ExecutableFinder();
157+
$result = $finder->find($this->getPhpBinaryName());
158+
159+
$this->assertSamePath(\PHP_BINARY, $result);
160+
}
161+
124162
/**
125163
* @runInSeparateProcess
126164
*/

0 commit comments

Comments
 (0)