PHP 8.4.17 RC 1: #71527 Buffer over-write in finfo_open with malformed magic file #21070
Description
Description
The following code:
$finfo = finfo_open(FILEINFO_NONE, __DIR__ . DIRECTORY_SEPARATOR . "bug71527私はガラスを食べられます.magic");
var_dump($finfo);
<?phpResulted in this output:
Warning: finfo_open(/test_php/source/php/ext/fileinfo/tests/bug71527私はガラスを食べられます.magic): Failed to open stream: No such file or directory in /test_php/source/php/ext/fileinfo/tests/bug71527-mb.php on line 2
Warning: finfo_open(/test_php/source/php/ext/fileinfo/tests/bug71527私はガラスを食べられます.magic): Failed to open stream: No such file or directory in /test_php/source/php/ext/fileinfo/tests/bug71527-mb.php on line 2
Warning: finfo_open(): Failed to load magic database at "/test_php/source/php/ext/fileinfo/tests/bug71527私はガラスを食べられます.magic" in /test_php/source/php/ext/fileinfo/tests/bug71527-mb.php on line 2
bool(false)
But I expected this output instead:
Warning: finfo_open(): Failed to load magic database at "%sbug71527私はガラスを食べられます.magic" in %sbug71527-mb.php on line %d
bool(false)
PHP Version
PHP 8.4.17RC1 (cli) (built: Jan 25 2026 21:18:17) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.4.17RC1, Copyright (c) Zend Technologies
Operating System
Debian GNU/Linux 12 (bookworm) x86_64 (container run with podman)