Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trailing multi dots in filenames are ignored in Windows #14779

Open
tsybot opened this issue Jul 3, 2024 · 0 comments
Open

Trailing multi dots in filenames are ignored in Windows #14779

tsybot opened this issue Jul 3, 2024 · 0 comments
Labels
Bug Category: Filesystem OS: Windows Status: Verified

Comments

@tsybot
Copy link

tsybot commented Jul 3, 2024
edited
Loading

Description

Additional dots ignored windows Windows treats filenames with trailing dots in a special way, namely that these are basically ignored by most APIs.
But, anyway on windows we can create this files with prefix "\\?\", for example:

ECHO 123> \\?\C:\app\flag.txt....

Check file is created

C:\app>dir
 Volume in drive C has no label.
 Volume Serial Number is F6CA-D975

 Directory of C:\app

07/03/2024  07:53 AM    <DIR>          .
06/23/2024  03:03 PM    <DIR>          ..
07/03/2024  07:53 AM                 5 flag.txt....

So file exists but realpath function not find it, and functions who use VCWD_REALPATH iside same not found it and open_basedir check can not passed because use VCWD_REALPATH

<?php
var_dump(realpath("C:\\app\\flag.txt...."));
var_dump(bindtextdomain('xxx', "C:\\app\\flag.txt...."));
var_dump(file_get_contents("C:\\app\\flag.txt...."));

try to use "\\?\" prefix

<?php
var_dump(realpath("\\\\?\\C:\\app\\flag.txt...."));
var_dump(bindtextdomain('xxx', "\\\\?\\C:\\app\\flag.txt...."));
var_dump(file_get_contents("\\\\?\\C:\\app\\flag.txt...."));

Resulted in this output:

bool(false)
bool(false)
Warning: file_get_contents(C:\app\flag.txt....): Failed to open stream: No such file or directory in C:\app\test.php on line 3
bool(false)

bool(false)
bool(false)
Warning: file_get_contents(\\?\C:\app\flag.txt....): Failed to open stream: No such file or directory in C:\app\test.php on line 3
bool(false)

But I expected this output instead:

string(19) "C:\app\flag.txt...."
string(19) "C:\app\flag.txt...."
string(3) "123"

string(19) "C:\app\flag.txt...."
string(19) "C:\app\flag.txt...."
string(3) "123"

If we enable open_basedir and set it to C:\app\ it falied on open_basedir check with prefix "\\?\"

<?php
var_dump(file_get_contents("C:\\app\\flag.txt...."));
var_dump(file_get_contents("\\\\?\\C:\\app\\flag.txt...."));
Warning: file_get_contents(C:\app\flag.txt....): Failed to open stream: No such file or directory in C:\app\test.php on line 1
bool(false)
Warning: file_get_contents(): open_basedir restriction in effect. File(\\?\C:\app\flag.txt....) is not within the allowed path(s): (C:\\app\\) in C:\app\test.php on line 2
Warning: file_get_contents(\\?\C:\app\flag.txt....): Failed to open stream: Operation not permitted in C:\app\test.php on line 2
bool(false)

All function who use open_basedir check fail to check if use "\\?\" prefix, but if open_basedir not set functions: is_readable,file_exists,is_writable,filesize,fileatime .. maybe more - is working prefect with "\\?\" prefix,, im not check all functions.
Not working functions: realpath,file_get_contents,bindtextdomain,readfile,file,opcache_invalidate,SplFileInfo->getRealPath ... maybe more

PHP Version

PHP 8.3.6

Operating System

Windows Server 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Category: Filesystem OS: Windows Status: Verified
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nielsdos @tsybot