Do not include hidden .php files (like editor backups) as extensions
Closed, WontfixPublic
Actions

Assigned To

Authored By

	AndiDog
	Jul 4 2017, 2:57 PM

Description

In src/moduleutils/PhutilBootloader.php:

if (empty($_SERVER['PHUTIL_DISABLE_RUNTIME_EXTENSIONS'])) {
      $extdir = $path.DIRECTORY_SEPARATOR.'extensions';
      if (Filesystem::pathExists($extdir)) {
        $extensions = id(new FileFinder($extdir))
          ->withSuffix('php')
          ->withType('f')
          ->withFollowSymlinks(true)
          ->setForceMode('php')
          ->find();

        foreach ($extensions as $extension) {
          $this->loadExtension(
            $name,
            $path,
            $extdir.DIRECTORY_SEPARATOR.$extension);
        }
      }
    }

the code selects all regular files whose filename ends with .php. While debugging custom extensions' problems (after ugprading Phabricator to latest), users got arcanist errors

Usage Exception: Failed to connect to server (https://our.phab.domain/api/): [HTTP/500] Internal Server Error
[Core Exception/PhutilBootloaderException] Include of extension file '/usr/local/lib/php/phabricator/src/extensions/.#OurCustomField.php' failed!

and that's because the admin was live-editing the extension file with the editor "joe" which saves backup files .#thefilename. Vim is a bit nicer by changing the file extension (appends .swp or ~).

Therefore: Hidden files, i.e. the ones starting with a dot, should most probably be excluded from the search.

Event Timeline

AndiDog created this task.Jul 4 2017, 2:57 PM

chad closed this task as Wontfix.Jul 4 2017, 3:09 PM

chad claimed this task.

Do not include hidden .php files (like editor backups) as extensionsClosed, WontfixPublicActions

Description

Event Timeline

Do not include hidden .php files (like editor backups) as extensions
Closed, WontfixPublic
Actions