[pmwiki-users] Bug: mkdirp crashes
Joachim Durchholz
jo at durchholz.org
Sat Apr 9 15:58:42 CDT 2005
Hi all,
there's a bug in mkdirp that will make it recurse endlessly trying to
create directory '.', resulting in the error message:
Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate 10 bytes) in /path/to/pmwiki/pmwiki.php on line 365
The bug will probably turn up only under unusual permission/ownership
settings (I just inadvertently unpacked the .tgz using the wrong userid,
and PmWiki ran just fine before that).
Fix:
In function "mkdirp", change line 365 to read
if ($dir == '.' || file_exists($dir)) return;
(the check for '.' is new).
This is just a symptom-suppression fix. All it does is allow PmWiki
to run to completion or to a point where the permission/ownership
problem really matters.
When applied, I get the following messages:
--- snip ---
Warning: mkdir(): SAFE MODE Restriction in effect. The script whose uid
is 502 is not allowed to access wiki.d owned by uid 639 in
/home/htdocs/web2/html/shamanca/pmwiki/pmwiki.php on line 368
Warning: fileperms(): SAFE MODE Restriction in effect. The script whose
uid is 502 is not allowed to access
/home/htdocs/web2/html/shamanca/pmwiki owned by uid 30 in
/home/htdocs/web2/html/shamanca/pmwiki/pmwiki.php on line 374
PmWiki can't process your request
PmWiki needs to have a writable wiki.d/ directory before it can
continue. [...]
--- snip ---
I also noted a few minor bugs and nits to pick in mkdirp. I don't know
whether any of these are relevant, so I simply list all of them.
1) $safemode is always initialised, but not used unless an error occurs.
2) In case of problems, $perms is calculated, but not used unless PHP is
running in safe mode.
3) Directories are created with mode 0777 (rwxrwxrwx). This opens a
small window of vulnerability until the permissions are fixed. It's
probably better if the directories are created with mode 0000. (This
might be more difficult to fix than what it's worth, but it's definitely
something to fix as soon as crackers start to target PmWiki.)
4) I don't know why mkdirp tries to create '.'. Must be some borderline
behavior of dirname, mkdir, or fixperms.
5) If mkdirp fails due to owner mismatch problems, it shouldn't output a
message telling the administrator that he can fix the problem with a
chmod. No message would be better, pointing the admin to chown (resp.
"rm -rf" followed by "su" or "sudo") would be best.
Regards,
Jo
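
The failure mode reported above, as an added example that is not part of the original message and is not PmWiki's code: PHP's dirname() returns '.' for '.' and '/' for '/', so a routine that recurses on dirname() never terminates if its existence check on that path returns false. The function name mkdirp_guarded, the 0700 default mode and the temporary demo path are assumptions chosen for illustration.

```php
<?php
// Added example: hypothetical helper, NOT PmWiki's mkdirp().
// It shows a recursive "create the parent first" routine that stops at
// dirname()'s fixed points instead of relying only on an existence check.

function mkdirp_guarded(string $dir, int $mode = 0700): bool
{
    // Already present: nothing to do.
    if (is_dir($dir)) {
        return true;
    }

    $parent = dirname($dir);

    // dirname('.') === '.', dirname('/') === '/', dirname('') === ''.
    // If we arrive here with such a path, the existence check above failed
    // (for example because of an ownership restriction) and there is no
    // further parent to try. Give up instead of recursing forever.
    if ($parent === $dir) {
        return false;
    }

    // Make sure the parent chain exists before creating this level.
    if (!mkdirp_guarded($parent, $mode)) {
        return false;
    }

    // Create with a restrictive mode from the start (the process umask can
    // only remove bits from it), so there is no interval during which the
    // directory is world-writable. The second is_dir() covers the case of
    // another request creating the same directory concurrently.
    if (!@mkdir($dir, $mode) && !is_dir($dir)) {
        return false;
    }
    return true;
}

// Constructed demo path under the system temp directory (assumption).
$base = sys_get_temp_dir() . '/mkdirp_demo_' . getmypid();
var_dump(mkdirp_guarded($base . '/a/b/c'));

// The fixed points that make an unguarded recursion endless.
var_dump(dirname('.'), dirname('/'), dirname('wiki.d'));
```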