[BUGFIX] Make sure fixPermissions gets 4 digit string 30/44430/3
authorBenjamin Mack <benni@typo3.org>
Fri, 30 Oct 2015 22:17:05 +0000 (23:17 +0100)
committerMorton Jonuschat <m.jonuschat@mojocode.de>
Sat, 31 Oct 2015 11:34:02 +0000 (12:34 +0100)
The global file options "fileCreateMask" and "folderCreateMask" should
always have 4 digits when calling GeneralUtility::fixPermissions() to
avoid any problems when having a misconfiguration.

Resolves: #36167
Releases: master
Change-Id: I4ad8a98770a63abe7f8ba3de00b0394d211d5d03
Reviewed-on: https://review.typo3.org/44430
Reviewed-by: Michael Oehlhof <typo3@oehlhof.de>
Tested-by: Michael Oehlhof <typo3@oehlhof.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
typo3/sysext/core/Classes/Utility/GeneralUtility.php

index 91fa603..a88f70a 100755 (executable)
@@ -2699,17 +2699,20 @@ Connection: close
         }
         if (static::isAllowedAbsPath($path)) {
             if (@is_file($path)) {
-                $targetFilePermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
-                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
-                    : octdec('0644');
-                // "@" is there because file is not necessarily OWNED by the user
-                $result = @chmod($path, $targetFilePermissions);
+                $targetPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
+                    ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask']
+                    : '0644';
             } elseif (@is_dir($path)) {
-                $targetDirectoryPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
-                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
-                    : octdec('0755');
+                $targetPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
+                    ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']
+                    : '0755';
+            }
+            if (!empty($targetPermissions)) {
+                // make sure it's always 4 digits
+                $targetPermissions = str_pad($targetPermissions, 4, 0, STR_PAD_LEFT);
+                $targetPermissions = octdec($targetPermissions);
                 // "@" is there because file is not necessarily OWNED by the user
-                $result = @chmod($path, $targetDirectoryPermissions);
+                $result = @chmod($path, $targetPermissions);
             }
             // Set createGroup if not empty
             if (