do not search in $PATH entries not allowed by open_basedir

xabbuh · xabbuh · commit 3defaed1c7d5 · 2024-08-14T12:16:46.000+02:00
diff --git a/src/Symfony/Component/Process/ExecutableFinder.php b/src/Symfony/Component/Process/ExecutableFinder.php
@@ -48,9 +48,23 @@ public function addSuffix(string $suffix)
      */
     public function find(string $name, ?string $default = null, array $extraDirs = [])
     {
+        $dirs = array_merge(
+            explode(\PATH_SEPARATOR, getenv('PATH') ?: getenv('Path')),
+            $extraDirs
+        );
+
         if (\ini_get('open_basedir')) {
             $searchPath = array_merge(explode(\PATH_SEPARATOR, \ini_get('open_basedir')), $extraDirs);
-            $dirs = [];
+            foreach ($dirs as $index => $dir) {
+                foreach ($searchPath as $path) {
+                    if (str_starts_with($dir, $path)) {
+                        continue 2;
+                    }
+                }
+
+                unset($dirs[$index]);
+            }
+
             foreach ($searchPath as $path) {
                 // Silencing against https://bugs.php.net/69240
                 if (@is_dir($path)) {
@@ -61,11 +75,6 @@ public function find(string $name, ?string $default = null, array $extraDirs = [
                     }
                 }
             }
-        } else {
-            $dirs = array_merge(
-                explode(\PATH_SEPARATOR, getenv('PATH') ?: getenv('Path')),
-                $extraDirs
-            );
         }
 
         $suffixes = [''];
diff --git a/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php b/src/Symfony/Component/Process/Tests/ExecutableFinderTest.php
@@ -109,18 +109,43 @@ public function testFindWithOpenBaseDir()
             $this->markTestSkipped('Cannot test when open_basedir is set');
         }
 
-        $initialOpenBaseDir = ini_set('open_basedir', \dirname(\PHP_BINARY).\PATH_SEPARATOR.'/');
+        $initialOpenBaseDir = ini_set('open_basedir', \dirname(\PHP_BINARY).\PATH_SEPARATOR.sys_get_temp_dir().\PATH_SEPARATOR.getcwd());
 
         try {
             $finder = new ExecutableFinder();
             $result = $finder->find($this->getPhpBinaryName());
-
             $this->assertSamePath(\PHP_BINARY, $result);
         } finally {
             ini_set('open_basedir', $initialOpenBaseDir);
         }
     }
 
+    /**
+     * @runInSeparateProcess
+     */
+    public function testFindWithSubdirectoryOfOpenBaseDir()
+    {
+        if (\ini_get('open_basedir')) {
+            $this->markTestSkipped('Cannot test when open_basedir is set');
+        }
+
+        $paths = explode(\PATH_SEPARATOR, getenv('PATH'));
+        $phpBinaryPath = \dirname(\PHP_BINARY);
+
+        if (!in_array($phpBinaryPath, $paths, true)) {
+            $paths[] = $phpBinaryPath;
+        }
+
+        $this->setPath(implode(\PATH_SEPARATOR, $paths));
+
+        ini_set('open_basedir', \dirname(\dirname(\PHP_BINARY)).\PATH_SEPARATOR.sys_get_temp_dir().\PATH_SEPARATOR.getcwd());
+
+        $finder = new ExecutableFinder();
+        $result = $finder->find($this->getPhpBinaryName());
+
+        $this->assertSamePath(\PHP_BINARY, $result);
+    }
+
     /**
      * @runInSeparateProcess
      */
