[php-maint] Bug#447432: suhosin patch breaks realpath() royally

Steve Langasek vorlon at debian.org
Sun Oct 21 08:16:08 UTC 2007 

Package: php5
Version: 5.2.4-1
Severity: important

The suhosin patch that's been applied to the Debian packages breaks
realpath()'s resolution of filenames where the last component of the path
(the filename) is a symlink.  This causes all but two of the readlink tests
in ext/standard/tests/file to fail in the current build, e.g.
<http://buildd.debian.org/fetch.cgi?pkg=php5&arch=alpha&ver=5.2.4-1&stamp=1190131371&file=log&as=rawhttp://buildd.debian.org/fetch.cgi?pkg=php5&arch=alpha&ver=5.2.4-1&stamp=1190131371&file=log&as=raw>:

TEST 2628/3217 [ext/standard/tests/file/readlink_realpath_basic1.phpt]
FAIL Test readlink() and realpath functions: basic functionality - diff. path notation for links [ext/standard/tests/file/readlink_realpath_basic1.phpt] 
TEST 2629/3217 [ext/standard/tests/file/readlink_realpath_basic2.phpt]
FAIL Test readlink() and realpath functions: basic functionality - diff. path notation for files [ext/standard/tests/file/readlink_realpath_basic2.phpt] 
TEST 2630/3217 [ext/standard/tests/file/readlink_realpath_error.phpt]
PASS Test readlink() and realpath() functions: error conditions [ext/standard/tests/file/readlink_realpath_error.phpt] 
TEST 2631/3217 [ext/standard/tests/file/readlink_realpath_variation1.phpt]
FAIL Test readlink() and realpath() functions: usage variation - linkname/filename stored in object [ext/standard/tests/file/readlink_realpath_variation1.phpt] 
TEST 2632/3217 [ext/standard/tests/file/readlink_realpath_variation2.phpt]
FAIL Test readlink() and realpath() functions: usage variation - linkname/filename stored in array [ext/standard/tests/file/readlink_realpath_variation2.phpt] 
TEST 2633/3217 [ext/standard/tests/file/readlink_realpath_variation3.phpt]
PASS Test readlink() and realpath() functions: usage variation - invalid args [ext/standard/tests/file/readlink_realpath_variation3.phpt] 

I think the suhosin patch should be unapplied until it stops causing
regressions in such straightforward functions.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/

More information about the pkg-php-maint mailing list