diff options
| author | Josh <josh.t.richards@gmail.com> | 2024-12-21 14:13:22 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-12-21 14:13:22 -0500 |
| commit | 1f5d1d5f310753963e91356ef028bd3ca25d92dc (patch) | |
| tree | add55db0a3b39b79612da80e54e459a0e18b749f | |
| parent | 81f9fc02f89c9cb2334e5bfa4e874d36f47f4cca (diff) | |
| download | nextcloud-server-detect-inadvertent-config-overlaps.tar.gz nextcloud-server-detect-inadvertent-config-overlaps.zip | |
fix: detect inadvertent overlapping config files that break upgradesdetect-inadvertent-config-overlaps
Fixes #32648
Detects when there are multiple config files and any of them other than the default `config.php` contain a `version` string: the telltale sign of an inadvertent `*.config.php` (such as a backup) existing in `config/` and creating a conflict (which breaks upgrades).
Also refactors error message handling.
Signed-off-by: Josh <josh.t.richards@gmail.com>
| -rw-r--r-- | lib/private/Config.php | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/lib/private/Config.php b/lib/private/Config.php index 0e8d07955af..20286ae6f14 100644 --- a/lib/private/Config.php +++ b/lib/private/Config.php @@ -197,31 +197,42 @@ class Config { } http_response_code(500); - die(sprintf('FATAL: Could not open the config file %s', $file)); + die(sprintf('FATAL: Could not open the config file: %s' . PHP_EOL, basename($file))); } // Try to acquire a file lock if (!flock($filePointer, LOCK_SH)) { - throw new \Exception(sprintf('Could not acquire a shared lock on the config file %s', $file)); + http_response_code(500); + die(sprintf('FATAL: Could not acquire a shared lock on the config file: %s' . PHP_EOL, basename($file))); } try { + // wrap with output buffer to catch some problems and avoid generating uncontrolled output + ob_start(); include $file; + $ob_length = ob_get_length(); + ob_end_clean(); + // syntax issues in the config file like leading spaces cause PHP to send output + if ($ob_length > 0 && !defined('PHPUNIT_RUN')) { // indicator of leading content discovered + $errorMessage = sprintf('FATAL: Config file has leading content, please remove everything before "<?php" in: %s' . PHP_EOL, basename($file)); + if (!defined('OC_CONSOLE')) { + die(\OCP\Util::sanitizeHTML($errorMessage)); + } else { + die($errorMessage); + } + } } finally { // Close the file pointer and release the lock flock($filePointer, LOCK_UN); fclose($filePointer); } - if (!defined('PHPUNIT_RUN') && headers_sent()) { - // syntax issues in the config file like leading spaces causing PHP to send output - $errorMessage = sprintf('Config file has leading content, please remove everything before "<?php" in %s', basename($file)); - if (!defined('OC_CONSOLE')) { - print(\OCP\Util::sanitizeHTML($errorMessage)); - } - throw new \Exception($errorMessage); - } if (isset($CONFIG) && is_array($CONFIG)) { + // try to detect unintentionally overlapping config files (which will break things like upgrades) + if (isset($CONFIG['version']) && $file !== $this->configFilePath) { + http_response_code(500); + die(sprintf('FATAL: Conflicting version value in the loaded config file: %s' . PHP_EOL, basename($file))); + } $this->cache = array_merge($this->cache, $CONFIG); } } |