Just noticed on the upgraded drupal.hu that if open_basedir is in effect, we get PHP errors on the /dev/urandom opener line:

fopen() [<a href='function.fopen'>function.fopen</a>]: open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): (....) - ...../modules/openid/openid.inc - 371.

I'd say that this deserves an is_readable() check first. Otherwise it will fill up logs of those with open_basedir restrictions. The following code supplements the case with pseudo-random-ness, so we just need to get rid of this error.

CommentFileSizeAuthor
#1 openid-devrandom-readable-218409-1.patch618 bytescburschka

Comments

cburschka’s picture

cburschka
they
commented
Status: Active » Needs review
StatusFileSize
new openid-devrandom-readable-218409-1.patch618 bytes

Interestingly, fopen is already prefixed with a '@', which as far as I know should suppress exactly this type of error. I also recall this being discouraged in favor of actually checking preconditions, to ensure transparent code.

This patch checks is_readable before opening, and sets the file stream to FALSE otherwise. I believe this should prevent any warnings of the fopen call, so the @ is also removed.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented

I installed this patch on drupal.hu and will watch how it performs.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Needs review » Needs work

Hm, this did not quite work out:

is_readable() [<a href='function.is-readable'>function.is-readable</a>]: open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): ...

Instead of crufting an open_basedir grepper here, we should investigate why is @ not stopping the error reporting. I also get the two errors:

fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: php_network_getaddresses: getaddrinfo failed: Name or service not known - ..../root/includes/common.inc - 442.

fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: unable to connect to dfgfddfg:80 (Unknown error) - .../includes/common.inc - 442.

when tying go use an obviously invalid OpenID. (dfgfddfg). This is also in a @-ed fsockopen(), so should not report errors. (and should also be easier to reproduce :).

Drupal_error_handler() has

  if (error_reporting() == 0) {
    return;
  }

so in theory, it should not fire a log message for these errors.

cburschka’s picture

cburschka
they
commented

Ugh. This is stupid.

I've asked comp.lang.php if there is a warning-safe check for determining if a file is readable. But I agree that finding out why @ is powerless to stop this is the more important issue.

cburschka’s picture

cburschka
they
commented

This is indeed a PHP bug http://bugs.php.net/bug.php?id=37476 that was apparently fixed in 5.1 or 5.2 some time in 2006. What version of PHP are you using on drupal.hu?

As D6 still has to support PHP4 without errors, and there appears to be no workaround, we will be forced to stick with fixing the @ character.

chx’s picture

chx commented
Status: Needs work » Closed (won't fix)

Drupal does not work with open_basedir , mod_security and other snake oil methods to security. Change your host.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Title: Open basedir restriction on /dev/urandom » Error reporting not taken into account in error handler
Component: openid.module » base system
Status: Closed (won't fix) » Active

Haha, I consider it a good practice to set open_basedir on myself even on my own server, so that in any case some bug is found, I have an extra level of protection, even if it is not the most bullet proof.

Anyway, our focus shifted to the fact that even if you silence errors with @ purposefully in your code, they are not silenced in our error handler. Look at #3 which is also a an example of this and reproducable regardless of open basedir, only takes some user input to shower your logs with errors.

cburschka’s picture

cburschka
they
commented

Well, this is still pretty mysterious, because as you said:

function drupal_error_handler($errno, $message, $filename, $line, $context) {
  // If the @ error suppression operator was used, error_reporting is
  // temporarily set to 0.
  if (error_reporting() == 0) {
    return;
  }

Is error_reporting not equal to 0 when @ is used?

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented

Well, that needs to be looked into :)

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented

Just made a simple test script:

ini_set('display_errors', TRUE);
fopen();
@fopen();
fopen();

set_error_handler('err_handler');
fopen();
@fopen();
fopen();

function err_handler($errno, $errstr, $errfile, $errline, array $errcontext) {
  print error_reporting() .': '. $errstr . "\n";
}

The output on my local machine is:

Warning: fopen() expects at least 2 parameters, 0 given in ...../t.php on line 3
Warning: fopen() expects at least 2 parameters, 0 given in ..../t.php on line 5
6143: fopen() expects at least 2 parameters, 0 given
0: fopen() expects at least 2 parameters, 0 given
6143: fopen() expects at least 2 parameters, 0 given

So basically the first and third fopen() call results in an error properly, and the second fopen() error is omitted. Then when I have a custom error handler, it properly returns the error level, 0 when @ was used. Hm. So this looks like normal behavior in PHP, and either a problem on my host or in how Drupal uses error handlers.

Can anyone reproduce the following:

- use Drupal 6
- enable OpenID module
- try to log in with OpenID and give some random string in place of the openid: sdfsdfsdf will do :)
- check your error logs

Do you see the fsockopen errors?

keith.smith’s picture

keith.smith commented

Can anyone reproduce the following:

- use Drupal 6
- enable OpenID module
- try to log in with OpenID and give some random string in place of the openid: sdfsdfsdf will do :)
- check your error logs

Do you see the fsockopen errors?

No, no errors were displayed (other than the invalid OpenID message) and no errors were recorded in the logs.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Active » Closed (fixed)

OK, tried this on two hosts. My localhost has it all fine as pointed out above, and I see all the error reporting running fine (I have PHP 5.2.3, a global and local error_reporting setting of 6143). So basically, on my localhost, I get no error reportig problems as described above.

But the Drupal.hu host has PHP 5.2.1 and it has a global error_reporting setting of 15 and a local error reporting setting of 6135. This should not matter at all, since Drupal sets its own value, but for the errors when @ is used my local machine goes to 0 properly, while the drupal.hu host goes to 15(!), which is the global error_reporting value. Don't know why, but the problem certainly stands outside of Drupal land (either a PHP bug or a weird configuration condition), so not a Drupal error.