[wp-trac] [WordPress Trac] #33498: get_home_path does not stripslashes $_SERVER['SCRIPT_FILENAME'] before using it

WordPress Trac noreply at wordpress.org
Fri Aug 21 20:54:51 UTC 2015 

#33498: get_home_path does not stripslashes $_SERVER['SCRIPT_FILENAME'] before
using it
----------------------------------------+------------------------------
 Reporter:  handsomejack201             |       Owner:
     Type:  defect (bug)                |      Status:  new
 Priority:  normal                      |   Milestone:  Awaiting Review
Component:  General                     |     Version:  4.3
 Severity:  normal                      |  Resolution:
 Keywords:  has-patch needs-unit-tests  |     Focuses:
----------------------------------------+------------------------------
Changes (by swissspidy):

 * keywords:   => has-patch needs-unit-tests


Old description:

> Hello WordPress support,
> I'm running WordPress on Windows through Webmatrix and IIS Express 8.5
> and FastCGI.
>
> This function has a bug that appears only on windows due to its different
> path formatting and causes the web.config to not be writable on PHP 5.5
> (error from` DOMDocument::load`).
>
> WordPress runs `addslashes` on all `$_SERVER`/`$_GET`/`$_POST` variables
> which places a burden to remember to stripslashes before using any
> variable from it.
>
> The get_home_path() function does not do this before using
> `$_SERVER['SCRIPT_FILENAME']`. This doesn't cause a problem on Linux
> because the path format is not modified by `addslashes`, so it works by
> coincidence.
>
> But on Windows, this causes the path to have double slashes (example:
> `C:\\inetpub\\wordpress`). Then it is passed to trailingslashit which
> gives a weird result:
>
> `C:\\inetpub\\wordpress\`
>
> (apologies, trac is messing up the slashes)
>
> Now, PHP on windows is very tolerant of such paths, but some APIs such as
> `DOMDocument::load` (test on PHP 5.5) returns an error and logs that it
> wasn't able to open the file. This is used by WordPress to save the
> web.config file when it detects IIS.
>
> I have attached a patch that fixes this against WordPress 4.3, but I have
> seen this in 4.2 as well (didn't test with older).

New description:

 Hello WordPress support,
 I'm running WordPress on Windows through Webmatrix and IIS Express 8.5 and
 FastCGI.

 This function has a bug that appears only on windows due to its different
 path formatting and causes the web.config to not be writable on PHP 5.5
 (error from` DOMDocument::load`).

 WordPress runs `addslashes` on all `$_SERVER`/`$_GET`/`$_POST` variables
 which places a burden to remember to stripslashes before using any
 variable from it.

 The `get_home_path()` function does not do this before using
 `$_SERVER['SCRIPT_FILENAME']`. This doesn't cause a problem on Linux
 because the path format is not modified by `addslashes`, so it works by
 coincidence.

 But on Windows, this causes the path to have double slashes (example:
 `C:\\inetpub\\wordpress`). Then it is passed to trailingslashit which
 gives a weird result:

 `C:\\inetpub\\wordpress\`

 (apologies, trac is messing up the slashes)

 Now, PHP on windows is very tolerant of such paths, but some APIs such as
 `DOMDocument::load` (test on PHP 5.5) returns an error and logs that it
 wasn't able to open the file. This is used by WordPress to save the
 web.config file when it detects IIS.

 I have attached a patch that fixes this against WordPress 4.3, but I have
 seen this in 4.2 as well (didn't test with older).

--

--
Ticket URL: <https://core.trac.wordpress.org/ticket/33498#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list