Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-72292

open_basedir warning when a variable is null, leading to calling is_readable on /db/renamedclasses.php on the root of the system

    XMLWordPrintable

Details

    • MOODLE_311_STABLE
    • MOODLE_311_STABLE, MOODLE_400_STABLE
    • MDL-72292-311
    • MDL-72292-400
    • MDL-72292-master
    • Hide

      Setup

      • Clone a moodle instance, but don't install yet.
      • In your webserver, enable the open_basedir setting in php.ini and set it to the site you just cloned, in the example below the new site created is named testing72292

        ; open_basedir, if set, limits all file operations to the defined directory
        ; and below.  This directive makes most sense if used in a per-directory
        ; or per-virtualhost web server configuration file.
        ; Note: disables the realpath cache
        ; http://php.net/open-basedir
        open_basedir = /home/simey/moodles/testing72292/moodle:/home/simey/moodles/testing72292/moodledata
        

      • Restart your PHP environment so that the change takes effect
      • Ensure PHP debugging is enabled.

      Testing

      • Start the Moodle installation and watch the output closely
      • Verify that you do not see any warnings which say something like:

        is_readable(): open_basedir restriction in effect. File(/db/renamedclasses.php) is not within the allowed path(s): (/path/to/your/moodle/wwwroot/:/path/to/your/moodledatadirectory/).
        

      Show
      Setup Clone a moodle instance, but don't install yet . In your webserver, enable the open_basedir setting in php.ini  and set it to the site you just cloned, in the example below the new site created is named testing72292 ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. ; Note: disables the realpath cache ; http://php.net/open-basedir open_basedir = /home/simey/moodles/testing72292/moodle:/home/simey/moodles/testing72292/moodledata Restart your PHP environment so that the change takes effect Ensure PHP debugging is enabled. Testing Start the Moodle installation and watch the output closely Verify that you do not see any warnings which say something like: is_readable(): open_basedir restriction in effect. File(/db/renamedclasses.php) is not within the allowed path(s): (/path/to/your/moodle/wwwroot/:/path/to/your/moodledatadirectory/).

    Description

      First of all, my apologies if any of this is not correct, this is my first creation of an issue after working with moodle for some time.

      The function fill_classmap_renames_cache() in /lib/classes/component.php iterates over the subsystems variable, but being some subsystems NULL, in some instances, the function load_renamed_classes() will be called with $fulldir being NULL.

      Inside the function load_renamed_classes(), is_readable($file) will be called with $file = $fulldir . '/db/renamedclasses.php', but with $fulldir being NULL in some instances, is_readable() will check if /db/renamedclasses.php exists in the root of the system.

      This normally would not create a WARNING except in some cases, where open_basedir is enabled and only allowed in the Moodle installation and in /tmp directory for instance.
      My proposed solution is to check if $fulldir is NULL before attempting to call is_readable.


      To reproduce: enable open_basedir in php.ini for the directory that moodle is installed in, and launch a new installation.

      What I expected: no warnings or errors

      What actually happens: Multiple warnings: is_readable(): open_basedir restriction in effect. File(/db/renamedclasses.php) is not within the allowed path(s): (/var/www/redactedmoodleinstallationfolder/:/tmp/).
      One warning for each time $subsystem is NULL in fill_classmap_renames_cache() function

      Proposed changes: https://github.com/MrXuso/moodle/commit/1418a43782b3c28421248f8df0656cf03660f083 
      Repository: https://github.com/MrXuso/moodle/ 
      Branch: open_basedir-patch-1

      Thank you very much for your time and have a nice day.

      Attachments

        1. MDL-72292_master.mp4
          5.91 MB
        2. MDL-72292_v311.mp4
          6.88 MB
        3. MDL-72292_v400.mp4
          4.97 MB

        Activity

          People

            abias Alexander Bias
            franciscojesúsjiménezhidalgo Francisco Jesús Jiménez Hidalgo
            Simey Lameze Simey Lameze
            Andrew Lyons Andrew Lyons
            John Edward Pedregosa John Edward Pedregosa
            David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo
            Votes:
            4 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              11/Jul/22

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 5 hours, 58 minutes
                5h 58m