
php5  5.3.10
mod_files.c
00001 /*
00002    +----------------------------------------------------------------------+
00003    | PHP Version 5                                                        |
00004    +----------------------------------------------------------------------+
00005    | Copyright (c) 1997-2012 The PHP Group                                |
00006    +----------------------------------------------------------------------+
00007    | This source file is subject to version 3.01 of the PHP license,      |
00008    | that is bundled with this package in the file LICENSE, and is        |
00009    | available through the world-wide-web at the following url:           |
00010    | http://www.php.net/license/3_01.txt                                  |
00011    | If you did not receive a copy of the PHP license and are unable to   |
00012    | obtain it through the world-wide-web, please send a note to          |
00013    | license@php.net so we can mail you a copy immediately.               |
00014    +----------------------------------------------------------------------+
00015    | Author: Sascha Schumann <sascha@schumann.cx>                         |
00016    +----------------------------------------------------------------------+
00017  */
00018 
00019 /* $Id: mod_files.c 321634 2012-01-01 13:15:04Z felipe $ */
00020 
00021 #include "php.h"
00022 
00023 #include <sys/stat.h>
00024 #include <sys/types.h>
00025 
00026 #if HAVE_SYS_FILE_H
00027 #include <sys/file.h>
00028 #endif
00029 
00030 #if HAVE_DIRENT_H
00031 #include <dirent.h>
00032 #endif
00033 
00034 #ifdef PHP_WIN32
00035 #include "win32/readdir.h"
00036 #endif
00037 #include <time.h>
00038 
00039 #include <fcntl.h>
00040 #include <errno.h>
00041 
00042 #if HAVE_UNISTD_H
00043 #include <unistd.h>
00044 #endif
00045 
00046 #include "php_session.h"
00047 #include "mod_files.h"
00048 #include "ext/standard/flock_compat.h"
00049 #include "php_open_temporary_file.h"
00050 
00051 #define FILE_PREFIX "sess_"
00052 
/* Per-handler state for the "files" session save handler. Allocated in
 * PS_OPEN_FUNC(files) and released in PS_CLOSE_FUNC(files). */
typedef struct {
	int fd;             /* descriptor of the open session file; -1 when none is open */
	char *lastkey;      /* estrdup()ed copy of the session id that fd was opened for */
	char *basedir;      /* estrndup()ed copy of the directory part of session.save_path */
	size_t basedir_len; /* strlen(basedir), cached when the handler is opened */
	size_t dirdepth;    /* number of leading id characters that each become a sub-directory */
	size_t st_size;     /* file size recorded by the last read; write uses it to decide on truncation */
	int filemode;       /* mode passed to open() when the file is created (0600 unless configured) */
} ps_files;
00062 
/* Module descriptor for the "files" save handler. PS_MOD() is defined outside
 * this file; presumably it fills in the name and the PS_*_FUNC(files) handlers
 * below -- confirm in php_session.h. */
ps_module ps_mod_files = {
	PS_MOD(files)
};
00066 
00067 /* If you change the logic here, please also update the error message in
00068  * ps_files_open() appropriately */
/* Allow-list check for a session id before it is turned into a file name.
 *
 * Accepts only a-z, A-Z, 0-9, ',' and '-' and a length of 1..128 bytes, so a
 * key that passes cannot contain a directory separator or a "." component.
 * Returns 1 when the key is acceptable, 0 otherwise. */
static int ps_files_valid_key(const char *key)
{
	const char *cur = key;
	size_t len;

	while (*cur != '\0') {
		char ch = *cur;
		int is_lower = (ch >= 'a' && ch <= 'z');
		int is_upper = (ch >= 'A' && ch <= 'Z');
		int is_digit = (ch >= '0' && ch <= '9');
		int is_punct = (ch == ',' || ch == '-');

		/* anything outside the allow-list rejects the whole key */
		if (!(is_lower || is_upper || is_digit || is_punct)) {
			return 0;
		}
		cur++;
	}

	len = cur - key;

	/* Somewhat arbitrary length limit, but far more than anyone needs; it
	   also avoids file-level warnings later on if MAX_PATH were exceeded. */
	if (len == 0 || len > 128) {
		return 0;
	}

	return 1;
}
00098 
/* Build the on-disk path of a session file into buf.
 *
 * Layout: <basedir> SEP { <key[i]> SEP } x dirdepth  FILE_PREFIX <key>
 *
 * Returns buf on success. Returns NULL when the key is not longer than
 * dirdepth or when buflen is below the (conservative) size estimate.
 *
 * NOTE(review): this function does not validate the characters of key; the
 * allow-list lives in ps_files_valid_key() and must be applied by the caller. */
static char *ps_files_path_create(char *buf, size_t buflen, ps_files *data, const char *key)
{
	const size_t prefix_len = sizeof(FILE_PREFIX) - 1;
	size_t key_len = strlen(key);
	size_t needed;
	const char *src = key;
	int level;
	int pos;

	/* the key must supply one character per directory level plus a remainder */
	if (key_len <= data->dirdepth) {
		return NULL;
	}

	/* over-estimates the bytes written below, so the copies stay inside buf */
	needed = strlen(data->basedir) + 2 * data->dirdepth + key_len + 5 + sizeof(FILE_PREFIX);
	if (buflen < needed) {
		return NULL;
	}

	memcpy(buf, data->basedir, data->basedir_len);
	pos = data->basedir_len;
	buf[pos++] = PHP_DIR_SEPARATOR;

	/* one single-character directory per level, taken from the front of the key */
	for (level = 0; level < (int)data->dirdepth; level++) {
		buf[pos++] = *src++;
		buf[pos++] = PHP_DIR_SEPARATOR;
	}

	memcpy(buf + pos, FILE_PREFIX, prefix_len);
	pos += prefix_len;

	/* the file name carries the complete key, not just the remainder */
	memcpy(buf + pos, key, key_len);
	pos += key_len;
	buf[pos] = '\0';

	return buf;
}
00128 
00129 #ifndef O_BINARY
00130 # define O_BINARY 0
00131 #endif
00132 
/* Close the session file descriptor, if one is open, and mark the state as
 * closed by resetting fd to -1. Safe to call when nothing is open. */
static void ps_files_close(ps_files *data)
{
	if (data->fd == -1) {
		return;
	}

#ifdef PHP_WIN32
	/* On Win32 locked files that are closed without being explicitly unlocked
	   will be unlocked only when "system resources become available". */
	flock(data->fd, LOCK_UN);
#endif
	close(data->fd);

	/* callers test fd against -1 / < 0 to decide whether a file is open */
	data->fd = -1;
}
00145 
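/* Open (creating if needed) and exclusively lock the session file for key.
 *
 * Nothing is done when a descriptor is already open for the same key.
 * Otherwise the previous descriptor and cached key are released, the key is
 * validated, the path is built and the file is opened with data->filemode.
 *
 * There is no return value: callers detect failure by data->fd being
 * negative afterwards. Every failure path therefore has to leave fd at -1;
 * the original closed the descriptor on the safe_mode/open_basedir failure
 * paths but left the stale number in data->fd, so callers went on to use a
 * closed (and possibly reused) descriptor. Those paths now go through
 * ps_files_close(). */
static void ps_files_open(ps_files *data, const char *key TSRMLS_DC)
{
	char buf[MAXPATHLEN];

	if (data->fd < 0 || !data->lastkey || strcmp(key, data->lastkey)) {
		if (data->lastkey) {
			efree(data->lastkey);
			data->lastkey = NULL;
		}

		ps_files_close(data);

		/* the allow-list is what keeps separators and ".." out of the path */
		if (!ps_files_valid_key(key)) {
			php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
			PS(invalid_session_id) = 1;
			return;
		}
		if (!ps_files_path_create(buf, sizeof(buf), data, key)) {
			return;
		}

		data->lastkey = estrdup(key);

		data->fd = VCWD_OPEN_MODE(buf, O_CREAT | O_RDWR | O_BINARY, data->filemode);

		if (data->fd != -1) {
#ifndef PHP_WIN32
			/* check to make sure that the opened file is not a symlink, linking to data outside of allowable dirs */
			/* NOTE(review): fstat() describes the object the descriptor refers
			   to, and the open above does not pass O_NOFOLLOW, so a symlink at
			   buf has already been followed by the time we get here and
			   S_ISLNK() is not expected to be true. Do not rely on this block
			   for symlink protection; a hardening pass would refuse to follow
			   links at open time and verify the owner of the opened file. */
			if (PG(safe_mode) || PG(open_basedir)) {
				struct stat sbuf;

				if (fstat(data->fd, &sbuf)) {
					/* close AND reset fd so callers see the failure */
					ps_files_close(data);
					return;
				}
				if (
					S_ISLNK(sbuf.st_mode) &&
					(
						php_check_open_basedir(buf TSRMLS_CC) ||
						(PG(safe_mode) && !php_checkuid(buf, NULL, CHECKUID_CHECK_FILE_AND_DIR))
					)
				) {
					/* close AND reset fd so callers see the failure */
					ps_files_close(data);
					return;
				}
			}
#endif
			/* serialise concurrent requests on the same session; the result
			   of flock() is not checked here */
			flock(data->fd, LOCK_EX);

#ifdef F_SETFD
# ifndef FD_CLOEXEC
#  define FD_CLOEXEC 1
# endif
			/* keep the session descriptor from leaking into exec()ed children */
			if (fcntl(data->fd, F_SETFD, FD_CLOEXEC)) {
				php_error_docref(NULL TSRMLS_CC, E_WARNING, "fcntl(%d, F_SETFD, FD_CLOEXEC) failed: %s (%d)", data->fd, strerror(errno), errno);
			}
#endif
		} else {
			php_error_docref(NULL TSRMLS_CC, E_WARNING, "open(%s, O_RDWR) failed: %s (%d)", buf, strerror(errno), errno);
		}
	}
}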
00208 
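/* Remove expired session files from a single directory.
 *
 * Every entry whose name starts with FILE_PREFIX and whose modification time
 * is more than maxlifetime seconds in the past is unlinked.
 *
 * Returns the number of unlink attempts made (the result of the unlink itself
 * is not checked), or 0 when the directory cannot be processed.
 *
 * dirname is copied into a MAXPATHLEN stack buffer. The original copied it
 * without looking at its length, so the length is now checked first and an
 * over-long name is rejected instead of being written past the buffer. */
static int ps_files_cleanup_dir(const char *dirname, int maxlifetime TSRMLS_DC)
{
	DIR *dir;
	char dentry[sizeof(struct dirent) + MAXPATHLEN];
	struct dirent *entry = (struct dirent *) &dentry;
	struct stat sbuf;
	char buf[MAXPATHLEN];
	time_t now;
	int nrdels = 0;
	size_t dirname_len;

	dirname_len = strlen(dirname);

	/* buf must hold dirname plus the separator written at buf[dirname_len] */
	if (dirname_len >= MAXPATHLEN) {
		php_error_docref(NULL TSRMLS_CC, E_NOTICE, "ps_files_cleanup_dir: dirname(%s) is too long", dirname);
		return (0);
	}

	dir = opendir(dirname);
	if (!dir) {
		php_error_docref(NULL TSRMLS_CC, E_NOTICE, "ps_files_cleanup_dir: opendir(%s) failed: %s (%d)", dirname, strerror(errno), errno);
		return (0);
	}

	time(&now);

	/* Prepare buffer (dirname never changes) */
	memcpy(buf, dirname, dirname_len);
	buf[dirname_len] = PHP_DIR_SEPARATOR;

	while (php_readdir_r(dir, (struct dirent *) dentry, &entry) == 0 && entry) {
		/* does the file start with our prefix? */
		if (!strncmp(entry->d_name, FILE_PREFIX, sizeof(FILE_PREFIX) - 1)) {
			size_t entry_len = strlen(entry->d_name);

			/* does it fit into our buffer? (separator and NUL included) */
			if (entry_len + dirname_len + 2 < MAXPATHLEN) {
				/* create the full path.. */
				memcpy(buf + dirname_len + 1, entry->d_name, entry_len);

				/* NUL terminate it and */
				buf[dirname_len + entry_len + 1] = '\0';

				/* check whether its last modification (st_mtime) was more
				   than maxlifetime seconds ago. The stat and the unlink are
				   two separate operations on the path. */
				if (VCWD_STAT(buf, &sbuf) == 0 &&
						(now - sbuf.st_mtime) > maxlifetime) {
					VCWD_UNLINK(buf);
					nrdels++;
				}
			}
		}
	}

	closedir(dir);

	return (nrdels);
}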
00261 
00262 #define PS_FILES_DATA ps_files *data = PS_GET_MOD_DATA()
00263 
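/* Open handler: parse session.save_path and allocate the handler state.
 *
 * save_path has the form "[dirdepth;[filemode;]]directory". An empty string
 * selects the system temporary directory, which is then checked against
 * safe_mode and open_basedir.
 *
 * Returns SUCCESS with the state stored via PS_SET_MOD_DATA(), or FAILURE
 * when a parameter is invalid or the temporary directory is not permitted.
 *
 * A negative dirdepth used to be accepted and cast to size_t, producing a
 * huge depth for which ps_files_path_create() returns NULL on every key;
 * it is now rejected here with the existing warning.
 *
 * NOTE(review): an explicitly configured directory is not checked against
 * open_basedir/safe_mode in this function; presumably that happens where the
 * ini setting is updated -- confirm. */
PS_OPEN_FUNC(files)
{
	ps_files *data;
	const char *p, *last;
	const char *argv[3];
	int argc = 0;
	size_t dirdepth = 0;
	int filemode = 0600; /* owner read/write only unless configured otherwise */

	if (*save_path == '\0') {
		/* if save path is an empty string, determine the temporary dir */
		save_path = php_get_temporary_directory();

		if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
			return FAILURE;
		}
		if (php_check_open_basedir(save_path TSRMLS_CC)) {
			return FAILURE;
		}
	}

	/* split up input parameter: at most two ';' separated options are taken,
	   whatever follows is the directory (argv has exactly three slots) */
	last = save_path;
	p = strchr(save_path, ';');
	while (p) {
		argv[argc++] = last;
		last = ++p;
		p = strchr(p, ';');
		if (argc > 1) break;
	}
	argv[argc++] = last;

	if (argc > 1) {
		long depth;

		errno = 0;
		depth = strtol(argv[0], NULL, 10);
		if (errno == ERANGE || depth < 0) {
			php_error(E_WARNING, "The first parameter in session.save_path is invalid");
			return FAILURE;
		}
		dirdepth = (size_t) depth;
	}

	if (argc > 2) {
		errno = 0;
		/* octal permission bits for newly created session files */
		filemode = strtol(argv[1], NULL, 8);
		if (errno == ERANGE || filemode < 0 || filemode > 07777) {
			php_error(E_WARNING, "The second parameter in session.save_path is invalid");
			return FAILURE;
		}
	}
	save_path = argv[argc - 1];

	data = ecalloc(1, sizeof(*data));

	data->fd = -1;
	data->dirdepth = dirdepth;
	data->filemode = filemode;
	data->basedir_len = strlen(save_path);
	data->basedir = estrndup(save_path, data->basedir_len);

	PS_SET_MOD_DATA(data);

	return SUCCESS;
}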
00327 
/* Close handler: release the descriptor and every allocation owned by the
 * handler state, then clear the module data slot. Always returns SUCCESS. */
PS_CLOSE_FUNC(files)
{
	PS_FILES_DATA;

	/* descriptor first, then the memory hanging off the state */
	ps_files_close(data);

	if (data->lastkey != NULL) {
		efree(data->lastkey);
	}
	efree(data->basedir);
	efree(data);

	/* the slot must not keep pointing at the state that was just freed */
	*mod_data = NULL;

	return SUCCESS;
}
00344 
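/* Read handler: load the whole session file for key into a new buffer.
 *
 * On SUCCESS *val holds an emalloc()ed buffer of *vallen bytes (an empty
 * string allocation for a zero-length file) that the caller owns. The file
 * size is also remembered in data->st_size for the write handler.
 *
 * Returns FAILURE when the file cannot be opened, stat fails, or fewer bytes
 * than the file size could be read. On a failed read the buffer is freed and
 * *val is reset to NULL; the original left *val pointing at freed memory. */
PS_READ_FUNC(files)
{
	long n;
	struct stat sbuf;
	PS_FILES_DATA;

	/* validates the key, opens and locks the file; failure shows as fd < 0 */
	ps_files_open(data, key TSRMLS_CC);
	if (data->fd < 0) {
		return FAILURE;
	}

	if (fstat(data->fd, &sbuf)) {
		return FAILURE;
	}

	data->st_size = *vallen = sbuf.st_size;

	if (sbuf.st_size == 0) {
		*val = STR_EMPTY_ALLOC();
		return SUCCESS;
	}

	*val = emalloc(sbuf.st_size);

#if defined(HAVE_PREAD)
	n = pread(data->fd, *val, sbuf.st_size, 0);
#else
	lseek(data->fd, 0, SEEK_SET);
	n = read(data->fd, *val, sbuf.st_size);
#endif

	if (n != sbuf.st_size) {
		if (n == -1) {
			php_error_docref(NULL TSRMLS_CC, E_WARNING, "read failed: %s (%d)", strerror(errno), errno);
		} else {
			php_error_docref(NULL TSRMLS_CC, E_WARNING, "read returned less bytes than requested");
		}
		efree(*val);
		/* do not hand a dangling pointer back through the out-parameter */
		*val = NULL;
		return FAILURE;
	}

	return SUCCESS;
}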
00388 
/* Write handler: store vallen bytes of val at offset 0 of the session file.
 *
 * The file is truncated first when the new data is shorter than the size
 * recorded by the last read (data->st_size). The result of ftruncate() is
 * not checked.
 *
 * Returns SUCCESS when exactly vallen bytes were written, FAILURE when the
 * file cannot be opened or the write fails or is short. */
PS_WRITE_FUNC(files)
{
	long n;
	PS_FILES_DATA;

	/* validates the key, opens and locks the file; failure shows as fd < 0 */
	ps_files_open(data, key TSRMLS_CC);
	if (data->fd < 0) {
		return FAILURE;
	}

	/* Truncate file if the amount of new data is smaller than the existing data set. */
	if ((int)data->st_size > vallen) {
		ftruncate(data->fd, 0);
	}

#if defined(HAVE_PWRITE)
	n = pwrite(data->fd, val, vallen, 0);
#else
	lseek(data->fd, 0, SEEK_SET);
	n = write(data->fd, val, vallen);
#endif

	if (n == vallen) {
		return SUCCESS;
	}

	/* distinguish a failed write from a short one in the warning */
	if (n == -1) {
		php_error_docref(NULL TSRMLS_CC, E_WARNING, "write failed: %s (%d)", strerror(errno), errno);
	} else {
		php_error_docref(NULL TSRMLS_CC, E_WARNING, "write wrote less bytes than requested");
	}

	return FAILURE;
}
00423 
/* Destroy handler: close the session file and remove it from disk.
 *
 * Returns FAILURE when the path cannot be built, or when the unlink fails
 * although the file still exists. When no descriptor is open nothing is
 * removed and SUCCESS is returned.
 *
 * NOTE(review): key goes into ps_files_path_create() without passing through
 * ps_files_valid_key() in this function. The unlink only runs while a
 * descriptor is open, i.e. after ps_files_open() validated some key;
 * presumably the caller always passes that same id -- confirm. */
PS_DESTROY_FUNC(files)
{
	char buf[MAXPATHLEN];
	PS_FILES_DATA;

	if (!ps_files_path_create(buf, sizeof(buf), data, key)) {
		return FAILURE;
	}

	/* nothing was opened, so there is nothing to remove */
	if (data->fd == -1) {
		return SUCCESS;
	}

	ps_files_close(data);

	/* This is a little safety check for instances when we are dealing with a
	 * regenerated session that was not yet written to disk: a failed unlink
	 * is only an error if the file is still there. */
	if (VCWD_UNLINK(buf) == -1 && !VCWD_ACCESS(buf, F_OK)) {
		return FAILURE;
	}

	return SUCCESS;
}
00447 
/* Garbage-collection handler: remove expired session files.
 *
 * Cleanup only happens for a flat layout (dirdepth == 0); *nrdels is written
 * only in that case. Always returns SUCCESS. */
PS_GC_FUNC(files)
{
	PS_FILES_DATA;

	/* we don't perform any cleanup, if dirdepth is larger than 0.
	   we return SUCCESS, since all cleanup should be handled by
	   an external entity (i.e. find -ctime x | xargs rm) */
	if (data->dirdepth != 0) {
		return SUCCESS;
	}

	*nrdels = ps_files_cleanup_dir(data->basedir, maxlifetime TSRMLS_CC);

	return SUCCESS;
}
00462 
00463 /*
00464  * Local variables:
00465  * tab-width: 4
00466  * c-basic-offset: 4
00467  * End:
00468  * vim600: sw=4 ts=4 fdm=marker
00469  * vim<600: sw=4 ts=4
00470  */