std/dba: validate file permission argument in dba_open()

arshidkv12 · arshidkv12 · commit eef932a8c314 · 2026-06-04T22:35:37.000+05:30
diff --git a/ext/dba/dba.c b/ext/dba/dba.c
@@ -563,7 +563,10 @@ static void php_dba_open(INTERNAL_FUNCTION_PARAMETERS, bool persistent)
 		zend_argument_must_not_be_empty_error(3);
 		RETURN_THROWS();
 	}
-	// TODO Check Value for permission
+	if (permission < 0 || (permission & ~07777) != 0) {
+		zend_argument_value_error(4, "Invalid file permission value (must be between 0 and 07777)");
+		RETURN_THROWS();
+	}
 	if (map_size < 0) {
 		zend_argument_value_error(5, "must be greater than or equal to 0");
 		RETURN_THROWS();
diff --git a/ext/dba/tests/dba_permission.phpt b/ext/dba/tests/dba_permission.phpt
@@ -0,0 +1,51 @@
+--TEST--
+DBA permission validation (invalid bits check)
+--EXTENSIONS--
+dba
+--SKIPIF--
+<?php
+if (!in_array('flatfile', dba_handlers())) die('skip flatfile handler not available');
+?>
+--FILE--
+<?php
+
+$filename = __DIR__ . DIRECTORY_SEPARATOR . 'test.db';
+
+function test($permission, $filename) {
+    try {
+        dba_open($filename, "c", "flatfile", $permission);
+        echo "OK\n";
+    } catch (ValueError $e) {
+        echo "VALUE_ERROR\n";
+    } catch (Throwable $e) {
+        echo "ERROR\n";
+    }
+
+    @unlink($filename);
+}
+
+/* valid permissions */
+test(0777, $filename);
+test(0755, $filename);
+test(0644, $filename);
+test(0000, $filename);
+
+/* invalid permissions */
+test(010000, $filename);
+test(020000, $filename);
+test(-1, $filename);
+
+?>
+--EXPECT--
+OK
+OK
+OK
+OK
+VALUE_ERROR
+VALUE_ERROR
+VALUE_ERROR
+--CLEAN--
+<?php
+$filename = __DIR__ . DIRECTORY_SEPARATOR . 'test.db';
+@unlink($filename);
+?>
