Skip to content

Fix GH-10370: File corruption in _php_stream_copy_to_stream_ex when using copy_file_range #10440

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Feb 10, 2023
Merged

Fix GH-10370: File corruption in _php_stream_copy_to_stream_ex when using copy_file_range #10440

merged 4 commits into from
Feb 10, 2023

Conversation

nielsdos
Copy link
Member

@nielsdos nielsdos commented Jan 24, 2023
edited
Loading

Fixes GH-10370

copy_file_range can return early without copying all the data. This is
legal behaviour and worked properly, unless the mmap fallback was used.
The mmap fallback would read too much data into the destination,
corrupting the destination file. Furthermore, if the mmap fallback would
fail and have to fallback to the regular file copying mechanism, a
similar issue would occur because both maxlen and haveread are modified.
Furthermore, there was a mmap-resource leak in one of the failure paths of
the mmap fallback code.
This patch fixes these issues. This also adds regression tests using the
new copy_file_range early-return simulation added in the previous
commit.

That being said, we should also look into repeating copy_file_range if the early-return happens because the operation was interrupted. But that should be a separate (feature) PR.

@nielsdos
Add a mechanism in zend_test to simulate early return of copy_file_range
e1ff730
@nielsdos
Fix phpGH-10370: File corruption in _php_stream_copy_to_stream_ex whe…
45fbb89 
…n using copy_file_range

copy_file_range can return early without copying all the data. This is
legal behaviour and worked properly, unless the mmap fallback was used.
The mmap fallback would read too much data into the destination,
corrupting the destination file. Furthermore, if the mmap fallback would
fail and have to fallback to the regular file copying mechanism, a
similar issue would occur because both maxlen and haveread are modified.
Furthermore, there was a mmap-resource in one of the failure paths of
the mmap fallback code.
This patch fixes these issues. This also adds regression tests using the
new copy_file_range early-return simulation added in the previous
commit.
@Girgias Girgias requested review from arnaud-lb and bukka January 24, 2023 23:50
arnaud-lb
arnaud-lb approved these changes Jan 28, 2023
View reviewed changes
Copy link
Member

@arnaud-lb arnaud-lb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me!

Could you add test variants that call stream_copy_to_stream explicitly? So that these tests don't get noop'ed in case the implementation of PharData or file_put_contents change in the future.

@nielsdos
Copy link
Member Author

Thanks for you review.
I changed the test file to be filled with random bytes so the test is more strict and robust.
I also added the additional tests you requested.

This was referenced Feb 7, 2023
Closed
Closed
Merged
@arnaud-lb arnaud-lb merged commit b4db690 into php:PHP-8.2 Feb 10, 2023
@arnaud-lb
Copy link
Member

Thank you!

arnaud-lb added a commit that referenced this pull request Feb 10, 2023
@arnaud-lb
Merge branch 'PHP-8.2'
d49e419 
* PHP-8.2:
  Fix concurrent testing
  [ci skip] NEWS
  Fix GH-10370: File corruption in _php_stream_copy_to_stream_ex when using copy_file_range (#10440)
@nielsdos nielsdos mentioned this pull request Feb 15, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arnaud-lb arnaud-lb arnaud-lb approved these changes

@bukka bukka Awaiting requested review from bukka bukka is a code owner

Assignees
No one assigned
Labels
Extension: zend_test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nielsdos @arnaud-lb