From 12d8be7cfbfc0ec2d8c745ce48e709cadc72f796 Mon Sep 17 00:00:00 2001 From: arshidkv12 Date: Fri, 6 Feb 2026 17:46:09 +0530 Subject: [PATCH 1/3] ext/standard: validate mode is within 0..07777 --- ext/standard/file.c | 5 +++++ ext/standard/tests/file/mkdir_invalid_mode.phpt | 12 ++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 ext/standard/tests/file/mkdir_invalid_mode.phpt diff --git a/ext/standard/file.c b/ext/standard/file.c index a7b73f1fe56eb..ca24b34eb8c4f 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -1087,6 +1087,11 @@ PHP_FUNCTION(mkdir) Z_PARAM_RESOURCE_OR_NULL(zcontext) ZEND_PARSE_PARAMETERS_END(); + if (mode < 0 || (mode & ~07777)) { + zend_argument_value_error(2, "must be between 0 and 0o7777"); + RETURN_THROWS(); + } + context = php_stream_context_from_zval(zcontext, 0); RETURN_BOOL(php_stream_mkdir(dir, (int)mode, (recursive ? PHP_STREAM_MKDIR_RECURSIVE : 0) | REPORT_ERRORS, context)); diff --git a/ext/standard/tests/file/mkdir_invalid_mode.phpt b/ext/standard/tests/file/mkdir_invalid_mode.phpt new file mode 100644 index 0000000000000..ffabfe7b6999f --- /dev/null +++ b/ext/standard/tests/file/mkdir_invalid_mode.phpt @@ -0,0 +1,12 @@ +--TEST-- +mkdir(): invalid mode +--FILE-- +getMessage(), PHP_EOL; +} +?> +--EXPECT-- +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 \ No newline at end of file From ea473b7b85318b0b6103f2cd3784b97629444d03 Mon Sep 17 00:00:00 2001 From: arshidkv12 Date: Fri, 6 Feb 2026 17:47:39 +0530 Subject: [PATCH 2/3] ext/standard: validate mode is within 0..07777 --- ext/standard/tests/file/mkdir_invalid_mode.phpt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/standard/tests/file/mkdir_invalid_mode.phpt b/ext/standard/tests/file/mkdir_invalid_mode.phpt index ffabfe7b6999f..b45ad204cb3e1 100644 --- a/ext/standard/tests/file/mkdir_invalid_mode.phpt +++ b/ext/standard/tests/file/mkdir_invalid_mode.phpt @@ -9,4 +9,4 @@ try { } ?> --EXPECT-- -mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 \ No newline at end of file +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 From 9e68baeb8f323df56074abdddc18a6c0d1e6aaa6 Mon Sep 17 00:00:00 2001 From: arshidkv12 Date: Sun, 8 Feb 2026 06:35:04 +0530 Subject: [PATCH 3/3] ext/stamdard: Fix mkdir() invalid mode error handling --- .../tests/file/mkdir_invalid_mode.phpt | 30 ++++++++++++++++--- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/ext/standard/tests/file/mkdir_invalid_mode.phpt b/ext/standard/tests/file/mkdir_invalid_mode.phpt index b45ad204cb3e1..c36a8f6c4b846 100644 --- a/ext/standard/tests/file/mkdir_invalid_mode.phpt +++ b/ext/standard/tests/file/mkdir_invalid_mode.phpt @@ -2,11 +2,33 @@ mkdir(): invalid mode --FILE-- getMessage(), PHP_EOL; +$testCases = [ + 1000000, // way too large + -1, // negative + 0o10000, // above 0o7777 + 0x1FFFF, // hex, still too large + 12345, // arbitrary invalid +]; + +foreach ($testCases as $mode) { + try { + echo "Testing mode: $mode\n"; + mkdir(__DIR__ . "/testdir_$mode", $mode); + } catch (ValueError $e) { + echo $e->getMessage(), PHP_EOL; + } catch (Exception $e) { + echo "Other exception: ", $e->getMessage(), PHP_EOL; + } } ?> --EXPECT-- +Testing mode: 1000000 +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 +Testing mode: -1 +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 +Testing mode: 4096 +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 +Testing mode: 131071 +mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777 +Testing mode: 12345 mkdir(): Argument #2 ($permissions) must be between 0 and 0o7777