Fix to not follow symlinks causes PHP readdir/closedir warnings [#693966]

Since this commit to not follow symlinks, I see these PHP warnings on any sort of chown/chmod/chgrp, i.e during an Install or Verify task:

Including /var/aegir/.drush/provision/web_server/install.provision.inc
Including /var/aegir/.drush/provision/platform/install.provision.inc
Including /var/aegir/.drush/provision/db_server/install.provision.inc
Created sites/d6-1.mig5-forge.net
Changed permissions of sites/d6-1.mig5-forge.net to 0755
Created sites/d6-1.mig5-forge.net/themes
Changed permissions of sites/d6-1.mig5-forge.net/themes to 2775
Created sites/d6-1.mig5-forge.net/modules
Changed permissions of sites/d6-1.mig5-forge.net/modules to 2775
Created sites/d6-1.mig5-forge.net/libraries
Changed permissions of sites/d6-1.mig5-forge.net/libraries to 2775
Created sites/d6-1.mig5-forge.net/files
Changed permissions of sites/d6-1.mig5-forge.net/files to 2770
Created sites/d6-1.mig5-forge.net/files/tmp
Changed permissions of sites/d6-1.mig5-forge.net/files/tmp to 2770
Created sites/d6-1.mig5-forge.net/files/images
Changed permissions of sites/d6-1.mig5-forge.net/files/images to 2770
Created sites/d6-1.mig5-forge.net/files/pictures
Changed permissions of sites/d6-1.mig5-forge.net/files/pictures to 2770
Created sites/d6-1.mig5-forge.net/private
Changed permissions of sites/d6-1.mig5-forge.net/private to 0755
Created sites/d6-1.mig5-forge.net/private/files
Changed permissions of sites/d6-1.mig5-forge.net/private/files to 2770
Created sites/d6-1.mig5-forge.net/private/temp
Changed permissions of sites/d6-1.mig5-forge.net/private/temp to 2770
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/files
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/files/tmp
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/files/images
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/files/pictures
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/private
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/private/files
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed ownership of sites/d6-1.mig5-forge.net/private/temp
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/files
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/files/tmp
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/files/images
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/files/pictures
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/private/files
readdir(): supplied argument is not a valid Directory resource
closedir(): supplied argument is not a valid Directory resource
Changed group ownership of sites/d6-1.mig5-forge.net/private/temp
Granting privileges to site_71@localhost on site_71

Just warnings, not fatal, and nothing appears out of the ordinary permissions-wise. Reverting that commit stops it, not sure whether or not it is something to be worried about.

Comments

Comment #1

Anonymous (not verified) commented 24 January 2010 at 14:17

Title:

Fix to not follow symlinks causes PHP opendir/readdir/closedir warnings

» Fix to not follow symlinks causes PHP readdir/closedir warnings

Correction: doesn't occur on opendir(), only readdir() and closedir() - then I see that opendir() is called as @opendir() which is perhaps simply silencing errors

Comment #2

Anonymous (not verified) commented 24 January 2010 at 14:22

Would this work better or does it cause a regression? I wasn't sure how best to test the negative side-effect of symlinks here, though I did try and all seemed well.

All I'm doing is checking if it's a link prior to calling opendir

function _provision_call_recursive($func, $path, $arg) {
  $status = 1;
  // do not follow symlinks as it could lead to a DOS attack
  // consider someone creating a symlink from files/foo to ..: it would create an infinite loop
  if (!is_link($path)) {
    if ($dh = @opendir($path)) {
      while (($file = readdir($dh)) !== false) {
        if ($file != '.' && $file != '..') {
          $status = _provision_call_recursive($func, $path . "/" . $file, $arg) && $status;
        }
      }
      closedir($dh);
    }
  }
  $status = $func($path, $arg) && $status;
  return $status;
}

Comment #3

anarcat commented 26 January 2010 at 01:58

Assigned:

Unassigned

» anarcat

I'll fix this, my very own regression. :)

Comment #4

anarcat commented 26 January 2010 at 02:41

Status:

Active

» Fixed

Fixed in r60b7ea2a64e7 Sorry for the noise.

Comment #5

9 February 2010 at 02:50

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Comment #6

12 June 2014 at 08:41

Commit f25a274 on debian, dev-dns, dev-envobject, dev-koumbit, dev-log_directory, dev-migrate_aliases, dev-multiserver-install, dev-newhooks, dev-nginx, dev-platform_management, dev-ports, dev-purgebackup, dev-restore, dev-services, dev-simplerinstaller, dev-site_rename, dev-ssl, dev_716166_apache_conf, dev_dns, dev_server_verify, prod-koumbit, dev-ssl-ip-allocation-refactor, dev-1205458-move_sites_out_of_platforms, 7.x-3.x, dev-subdir-multiserver, 6.x-2.x-backports, dev-helmo-3.x by anarcat:
```
#693966 - do not opendir() without a closedir() in recursive calls

this...
```
Commit e93fbeb on debian, dev-dns, dev-envobject, dev-koumbit, dev-log_directory, dev-migrate_aliases, dev-multiserver-install, dev-newhooks, dev-nginx, dev-platform_management, dev-ports, dev-purgebackup, dev-restore, dev-services, dev-simplerinstaller, dev-site_rename, dev-ssl, dev_716166_apache_conf, dev_dns, dev_server_verify, prod-koumbit, dev-ssl-ip-allocation-refactor, dev-1205458-move_sites_out_of_platforms, 7.x-3.x, dev-subdir-multiserver, 6.x-2.x-backports, dev-helmo-3.x authored by anarcat:
```
#693966 - do not opendir() without a closedir() in recursive calls

this...
```

Fix to not follow symlinks causes PHP readdir/closedir warnings

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

News items

Our community

Documentation

Drupal code base

Governance of community