I accidentially passed NULL to file_unmanaged_delete_recursive() and my entire install was deleted. The file rights were probably not set up quite right, but I was wondering how that could happen.
file_unmanaged_delete_recursive() and file_unmanaged_delete() both call drupal_realpath() that call the PHP function realpath().
It turns out that on *BSD systems, the PHP realpath function does not return FALSE on failure as it should. So if I do this on a mac running MAMP:
print realpath(NULL);
print realpath(FALSE);I then get the path to the root of the drupal install... Pass NULL to the delete functions and baaad stuff happens. It has been fixed in PHP 5.3 http://php.net/manual/en/function.realpath.php but drupal 7 supports PHP 5.2.
I wrote a patch that just checks if the variable passed is not empty. It seems that the stream wrappers are not affected by the bug because they start out doing some string operations to the uri.
| Comment | File | Size | Author |
|---|---|---|---|
| #4 | 700160.patch | 999 bytes | naxoc |
| #2 | 700160.png | 87.28 KB | jerdiggity |
| #1 | realpath_bsd.patch | 732 bytes | naxoc |
Comments
Comment #1
naxoc commentedHmm. Patch was not uploaded. Here it is.
Comment #2
jerdiggity commentedApplied patch & ran test on

file_unmanaged_delete()andfile_unmanaged_delete_recursive()... All passes, 0 fails, 0 exceptions. See attached screen shot of results.Comment #3
catchCould we add an explicit
to the comment?
Otherwise looks like the proper fix.
Comment #4
naxoc commentedAdded the @todo in the comment.
Comment #5
catchI don't have a BSD system to check on, but the fix looks sane and it's documented on the php.net docs themselves, so RTBC.
Comment #6
dries commentedCommitted to CVS HEAD. Thanks.