| Anonymous | Login | Signup for a new account | 11-24-2024 14:01 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0003894 | [Quercus] | block | always | 02-18-10 07:36 | 06-22-12 00:04 | ||||
| Reporter | domdorn | View Status | public | ||||||
| Assigned To | nam | ||||||||
| Priority | high | Resolution | unable to reproduce | ||||||
| Status | closed | Product Version | 4.0.11 | ||||||
| Summary | 0003894: Maximum String length of 8KB breaks phorum.org forum software | ||||||||
| Description |
the file in each current phorum.org installation phorum5/include/templates.php contains a method: [code] function phorum_read_file($file) { // Check if the file exists. if (! file_exists($file)) trigger_error( "phorum_get_file_contents: file \"" . htmlspecialchars($file) . "\" " . "does not exist", E_USER_ERROR ); // In case we're handling a zero byte large file, we don't read it in. // Running fread($fp, 0) gives a PHP warning. $size = filesize($file); if ($size == 0) return ""; // $data = readfile($file); // return $data; // Read in the file contents. if (! $fp = fopen($file, "r")) trigger_error( "phorum_get_file_contents: failed to read file " . "\"" . htmlspecialchars($file) . "\"", E_USER_ERROR ); // Strip UTF-8 byte order markers from the files. These only mean // harm for PHP scripts. $data = ''; if ($size >= 3) { $data = fread($fp, 3); if ($data == "\xef\xbb\xbf") { $data = ''; } $size -= 3; } // Read the rest of the file. if ($size > 0) { $data .= fread($fp, $size); } fclose($fp); // code inserted by me start $realFileSize = filesize($file); $readFileSize = 0; mail("removed@host.com", "readfile: $file", "realFileSize: $realFileSize \n Size of read file: $readFileSize\n\n", "From: mymail@myhost.com"); // code inserted by me end return $data; } [/code] supplied with an example file which I'll attach here, quercus only reads exactly 8192 Bytes of that file and deletes the rest which leads to errors. |
||||||||
| Additional Information |
I'm running current trunk in revision 6775 on Glassfish v3. The received mail states: realFileSize: 9537 Size of read file: 8192 |
||||||||
| Attached Files |
 0i82.qa [^] (817 bytes) 09-28-10 07:50 |
||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0004433) domdorn 02-18-10 07:38 |
File tpl-lyriks.at-posting-4c86722b2ad3c8bae6c585d3ae2fb850.php-stage2 gets created by phorum in the end result. As the original template got truncated after 8kb, the resulting PHP code is invalid. |
|
(0004434) domdorn 02-18-10 08:52 |
Ok, I created a testcase for this, modified the code like that: function phorum_read_file($file, $quercus_max_read_size_at_one_time) { // Check if the file exists. if (! file_exists($file)) trigger_error( "phorum_get_file_contents: file \"" . htmlspecialchars($file) . "\" " . "does not exist", E_USER_ERROR ); // In case we're handling a zero byte large file, we don't read it in. // Running fread($fp, 0) gives a PHP warning. $size = filesize($file); if ($size == 0) return ""; // $data = readfile($file); // return $data; // Read in the file contents. if (! $fp = fopen($file, "r")) trigger_error( "phorum_get_file_contents: failed to read file " . "\"" . htmlspecialchars($file) . "\"", E_USER_ERROR ); // Strip UTF-8 byte order markers from the files. These only mean // harm for PHP scripts. $data = ''; if ($size >= 3) { $data = fread($fp, 3); if ($data == "\xef\xbb\xbf") { $data = ''; } $size -= 3; } ; // Read the rest of the file. while($size > 0) { $remainingSize = $size > $quercus_max_read_size_at_one_time ? $quercus_max_read_size_at_one_time : $size; $data .= fread($fp, $remainingSize); $size -= $remainingSize; } // if ($size > 0 ) { // // $data .= fread($fp, $size); // } fclose($fp); return $data; } quercus returns the correct result only if $quercus_max_read_size_at_one_time is set to 8189, while php returns the correct result with every number > 0 I've created the output for quercus and with native php and put it all runnable into the attached tar.gz file. Please fix asap. I can patch the forum code for now, but I don't know where this issue is still hidden in other php software and no one has the time and knowledge to manually fix it. |
|
(0004678) dunand 07-20-10 10:51 |
This Behavior make Wordpress 3.0 in French unusable because Wordpress is unable to load the translation file fr_FR.mo. The fread funtion read only 8164 bytes but the file is much larger. Quercus 4.0.8 with Tomcat 5.5 or WebSphere 6.1.0.31 |
|
(0004760) domdorn 09-28-10 06:58 |
working on this now. |
|
(0004761) domdorn 09-28-10 07:51 |
added QA file for demonstrating the issue. |
|
(0004762) domdorn 09-28-10 09:51 |
fixed in current SVN Rev. r7556. Should be in 4.0.11 release. |
|
(0004777) domdorn 10-05-10 14:16 |
this introduced a regression with sockets. reopening. |
|
(0005933) nam 06-22-12 00:04 |
Looks fixed as indicated by php/0i82 test case. |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 02-18-10 07:36 | domdorn | New Issue | |
| 02-18-10 07:36 | domdorn | File Added: templates.php | |
| 02-18-10 07:37 | domdorn | File Added: posting.tpl | |
| 02-18-10 07:37 | domdorn | File Added: tpl-lyriks.at-posting-4c86722b2ad3c8bae6c585d3ae2fb850.php | |
| 02-18-10 07:37 | domdorn | File Added: tpl-lyriks.at-posting-4c86722b2ad3c8bae6c585d3ae2fb850.php-stage2 | |
| 02-18-10 07:38 | domdorn | Note Added: 0004433 | |
| 02-18-10 08:52 | domdorn | Note Added: 0004434 | |
| 02-18-10 08:52 | domdorn | File Added: quercus_too_long_file.tar.gz | |
| 07-20-10 10:51 | dunand | Note Added: 0004678 | |
| 07-20-10 10:57 | domdorn | Assigned To | => domdorn |
| 07-20-10 10:57 | domdorn | Priority | normal => high |
| 07-20-10 10:57 | domdorn | Status | new => confirmed |
| 07-20-10 10:57 | domdorn | version | 4.0.4 => 4.0.8 |
| 09-28-10 06:58 | domdorn | Note Added: 0004760 | |
| 09-28-10 07:49 | domdorn | File Deleted: quercus_too_long_file.tar.gz | |
| 09-28-10 07:49 | domdorn | File Deleted: templates.php | |
| 09-28-10 07:49 | domdorn | File Deleted: posting.tpl | |
| 09-28-10 07:49 | domdorn | File Deleted: tpl-lyriks.at-posting-4c86722b2ad3c8bae6c585d3ae2fb850.php | |
| 09-28-10 07:49 | domdorn | File Deleted: tpl-lyriks.at-posting-4c86722b2ad3c8bae6c585d3ae2fb850.php-stage2 | |
| 09-28-10 07:50 | domdorn | File Added: 0i82.qa | |
| 09-28-10 07:51 | domdorn | Note Added: 0004761 | |
| 09-28-10 07:51 | domdorn | Description Updated | |
| 09-28-10 09:51 | domdorn | Note Added: 0004762 | |
| 09-28-10 09:51 | domdorn | Status | confirmed => resolved |
| 09-28-10 09:51 | domdorn | Resolution | open => fixed |
| 09-28-10 09:51 | domdorn | version | 4.0.8 => 4.0.11 |
| 10-05-10 14:16 | domdorn | Status | resolved => feedback |
| 10-05-10 14:16 | domdorn | Resolution | fixed => reopened |
| 10-05-10 14:16 | domdorn | Note Added: 0004777 | |
| 03-22-12 13:43 | domdorn | Assigned To | domdorn => |
| 06-22-12 00:03 | nam | Status | feedback => assigned |
| 06-22-12 00:03 | nam | Assigned To | => nam |
| 06-22-12 00:04 | nam | Status | assigned => closed |
| 06-22-12 00:04 | nam | Note Added: 0005933 | |
| 06-22-12 00:04 | nam | Resolution | reopened => unable to reproduce |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
58 total queries executed. 35 unique queries executed. |  |
