PHP bug or what?

Posted: August 17, 2006 in linux

i made a slight mistake on my PHP code this afternoon and some weird thing happened. just to make sure that this was not some random error, i repeated this several times using both my root and regular users to run the program. the same thing came out.

here are the few lines that caused this:

$source=$_FILES[‘$fsource’][‘$name’]; // this is the line where i made the mistake.
move_uploaded_file($_FILES[‘fsource’][‘tmp_name’],$source);
extractExports($source);

simple breakdown on the code:

  • $source is just a pointer to the file w/c gets uploaded. this file is a tar-bzipped archive.
  • the function extractExports($source) is my wrapper to a PEAR class. File_Archive to be exact.
  • the process then extracts the archive into a folder.

the error:

  • $_FILES[‘$fsource’][‘$name’] is obviously wrong.
  • [‘$fsource’] and [‘$name’] should’ve been [‘source’] and [‘name’] instead.

what came out:

etc/
skel/
udev/
rules.d/
…… (*.rules) <– a lot of udev rules for devices
… udev.conf
… fstab
… group
… mtab
… passwd

maybe i should report this ASAP to php.net. has anyone ever encountered anything like this? this might be an exploit or something.

Advertisements
Comments
  1. Anonymous says:

    hoist mia, you’re mocking me, huh! 😛 hehehe.. .

    https://yamz.wordpress.com

  2. MiaCarmel says:

    wow… yamz the php guru.. i’m not worthy.. ^:)^

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s