
drupal_realpath does not always work as expected

Project: Drupal core
Version: 7.x-dev
Component: file system
Category: bug report
Priority: critical
Assigned: Unassigned
Status: closed (fixed)

Issue Summary

I accidentally passed NULL to file_unmanaged_delete_recursive() and my entire install was deleted. The file rights were probably not set up quite right, but I was wondering how that could happen.

file_unmanaged_delete_recursive() and file_unmanaged_delete() both call drupal_realpath(), which calls the PHP function realpath().
It turns out that on *BSD systems, the PHP realpath function does not return FALSE on failure as it should. So if I do this on a mac running MAMP:

print realpath(NULL);
print realpath(FALSE);

I then get the path to the root of the Drupal install... Pass NULL to the delete functions and baaad stuff happens. It has been fixed in PHP 5.3 (http://php.net/manual/en/function.realpath.php), but Drupal 7 supports PHP 5.2.

I wrote a patch that just checks if the variable passed is not empty. It seems that the stream wrappers are not affected by the bug because they start out doing some string operations to the uri.
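
A guard of the kind described above (reject empty input before it reaches realpath()), as an added example that is not the attached patch or Drupal's own code. The function names are hypothetical, and the base-directory containment check is an assumption that goes beyond what the thread discusses.

```php
<?php
// Added example; function names are hypothetical, not Drupal API.

// realpath() wrapper that never hands an empty value to realpath(), which on
// the affected builds resolves NULL/FALSE/'' to the current working directory.
function guarded_realpath($path) {
  if (!is_string($path) || $path === '') {
    return FALSE;
  }
  return realpath($path);
}

// Delete a resolved path without following symlinks found inside it (POSIX).
function remove_tree($real) {
  if (is_link($real) || !is_dir($real)) {
    return unlink($real);
  }
  foreach (scandir($real) as $entry) {
    if ($entry === '.' || $entry === '..') {
      continue;
    }
    if (!remove_tree($real . DIRECTORY_SEPARATOR . $entry)) {
      return FALSE;
    }
  }
  return rmdir($real);
}

// Assumption beyond the thread: only delete what resolves strictly inside $base.
function guarded_delete_recursive($path, $base) {
  $real = guarded_realpath($path);
  $root = guarded_realpath($base);
  if ($real === FALSE || $root === FALSE) {
    return FALSE;
  }
  // Trailing separator keeps /srv/files-old from matching a base of /srv/files.
  $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
  return strpos($real, $prefix) === 0 ? remove_tree($real) : FALSE;
}

// Constructed demo tree in a throwaway temp directory.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'guard_demo_' . uniqid();
mkdir($base . '/cache/sub', 0700, TRUE);
touch($base . '/cache/sub/a.txt');
chdir($base); // worst case: the working directory is the tree at risk
foreach (array(NULL, FALSE, '', $base, $base . '/cache') as $candidate) {
  var_dump(guarded_delete_recursive($candidate, $base));
}
chdir(sys_get_temp_dir());
rmdir($base);
```

Only the last candidate, a real path strictly inside the base, is deleted; the empty values and the base itself are refused.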

Comments

#1

Status: active » needs review

Hmm. Patch was not uploaded. Here it is.

Attachment: realpath_bsd.patch
Size: 732 bytes
Status: Idle
Test result: FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch realpath_bsd_0.patch.
Operations: View details

#2

Applied patch & ran test on file_unmanaged_delete() and file_unmanaged_delete_recursive()... All passes, 0 fails, 0 exceptions. See attached screen shot of results.

Attachment: 700160.png
Size: 87.28 KB
Status: Ignored: Check issue status.
Test result: None
Operations: None

#3

Could we add an explicit

@todo Remove when Drupal drops support for PHP 5.2.

to the comment?

Otherwise looks like the proper fix.

#4

Added the @todo in the comment.

Attachment: 700160.patch
Size: 999 bytes
Status: Idle
Test result: FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch 700160.patch.
Operations: View details

#5

Status: needs review » reviewed & tested by the community

I don't have a BSD system to check on, but the fix looks sane and it's documented on the php.net docs themselves, so RTBC.

#6

Status: reviewed & tested by the community » fixed

Committed to CVS HEAD. Thanks.

#7

Status: fixed » closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.
