Binary-unsafe 'fopen(...)' usage

SugarSecurity.php

@@ -56,7 +56,7 @@ public function display()
 
     public function save($file='')
     {
-        $fp = fopen($file, 'a');
+        $fp = fopen($file, 'ab');
         foreach ($this->results as $result) {
             fwrite($fp, $result);
         }

include/Dashlets/DashletRssFeedTitle.php

@@ -81,7 +81,7 @@ public function readFeed()
             if (!in_array(strtolower(parse_url($this->url, PHP_URL_SCHEME)), array("http", "https"), true)) {
                 return false;
             }
-            $fileOpen = @fopen($this->url, 'r');
+            $fileOpen = @fopen($this->url, 'rb');
             if ($fileOpen) {
                 $this->fileOpen = true;
                 $this->contents = fread($fileOpen, $this->readBytes);

include/HTMLPurifier/HTMLPurifier.standalone.php

@@ -8232,7 +8232,7 @@ public function parseFile($file)
         if (!file_exists($file)) {
             return false;
         }
-        $fh = fopen($file, 'r');
+        $fh = fopen($file, 'rb');
         if (!$fh) {
             return false;
         }
@@ -8252,7 +8252,7 @@ public function parseMultiFile($file)
             return false;
         }
         $ret = array();
-        $fh = fopen($file, 'r');
+        $fh = fopen($file, 'rb');
         if (!$fh) {
             return false;
         }

include/HTTP_WebDAV_Server/Server.php

@@ -1117,7 +1117,7 @@ public function http_PUT()
                 }
             }
 
-            $options["stream"] = fopen("php://input", "r");
+            $options["stream"] = fopen("php://input", 'rb');
 
             $stat = $this->PUT($options);
 

include/HTTP_WebDAV_Server/Tools/_parse_lockinfo.php

@@ -84,7 +84,7 @@ public function __construct($path)
         $had_input = false;
 
         // open stream
-        $f_in = fopen($path, "r");
+        $f_in = fopen($path, 'rb');
         if (!$f_in) {
             $this->success = false;
             return;

include/HTTP_WebDAV_Server/Tools/_parse_propfind.php

@@ -74,7 +74,7 @@ public function __construct($path)
         $had_input = false;
 
         // open input stream
-        $f_in = fopen($path, "r");
+        $f_in = fopen($path, 'rb');
         if (!$f_in) {
             $this->success = false;
             return;

include/HTTP_WebDAV_Server/Tools/_parse_proppatch.php

@@ -83,7 +83,7 @@ public function __construct($path)
         $this->props = array();
         $had_input = false;
 
-        $f_in = fopen($path, "r");
+        $f_in = fopen($path, 'rb');
         if (!$f_in) {
             $this->success = false;
             return;

include/Imap/ImapHandlerFakeCalls.php

@@ -66,7 +66,7 @@
             [
                 'args' => ['{imap.gmail.com:993/service=imap/ssl/tls/validate-cert/secure}INBOX', 'testuser_name', 'testuser_pass', 0, 0, []],
                 'return' => [function () {
-                    $ret = fopen('fakeImapResource', 'w+'); // <-- create and return a fake resource for InboundEmail test usages
+                    $ret = fopen('fakeImapResource', 'wb+'); // <-- create and return a fake resource for InboundEmail test usages
                     if (!is_resource($ret)) {
                         throw new Exception('Imap fake needs a resource to return (check the file permisson - 1)');
                     }

include/Localization/Localization.php

@@ -782,7 +782,7 @@ public function invalidLocaleNameFormatUpgrade()
      */
     public function createInvalidLocaleNameFormatUpgradeNotice()
     {
-        $fh = fopen($this->invalidNameFormatUpgradeFilename, 'w');
+        $fh = fopen($this->invalidNameFormatUpgradeFilename, 'wb');
         fclose($fh);
     }
 

include/Smarty/plugins/function.fetch.php

@@ -37,7 +37,7 @@ function smarty_function_fetch($params, &$smarty)
         }
 
         // fetch the file
-        if ($fp = @fopen($params['file'], 'r')) {
+        if ($fp = @fopen($params['file'], 'rb')) {
             while (!feof($fp)) {
                 $content .= fgets($fp, 4096);
             }
@@ -193,7 +193,7 @@ function smarty_function_fetch($params, &$smarty)
             }
         } else {
             // ftp fetch
-            if ($fp = @fopen($params['file'], 'r')) {
+            if ($fp = @fopen($params['file'], 'rb')) {
                 while (!feof($fp)) {
                     $content .= fgets($fp, 4096);
                 }

include/SugarLogger/SugarLogger.php

@@ -208,7 +208,7 @@ public function log(
 
         //if we haven't opened a file pointer yet let's do that
         if (! $this->fp) {
-            $this->fp = fopen($this->full_log_file, 'a');
+            $this->fp = fopen($this->full_log_file, 'ab');
         }
 
 

include/SugarXHprof/xhprof_lib/utils/xhprof_runs.php

@@ -141,7 +141,7 @@ public function save_run($xhprof_data, $type, $run_id = null)
         }
 
         $file_name = $this->file_name($run_id, $type);
-        $file = fopen($file_name, 'w');
+        $file = fopen($file_name, 'wb');
 
         if ($file) {
             fwrite($file, $xhprof_data);

include/externalAPI/ExternalAPIFactory.php

@@ -154,12 +154,12 @@ public static function loadFullAPIList($forceRebuild=false, $ignoreDisabled = fa
 
         create_cache_directory('/include/');
         $cached_tmp = sugar_cached('include/externalAPI.cache-tmp.php');
-        $fd = fopen($cached_tmp, 'w');
+        $fd = fopen($cached_tmp, 'wb');
         fwrite($fd, "<"."?php\n//This file is auto generated by ".basename(__FILE__)."\n\$fullAPIList = ".var_export($apiFullList, true).";\n\n");
         fclose($fd);
         rename($cached_tmp, $cached);
 
-        $fd = fopen(sugar_cached('include/externalAPI.cache-tmp.js'), 'w');
+        $fd = fopen(sugar_cached('include/externalAPI.cache-tmp.js'), 'wb');
         fwrite($fd, "//This file is auto generated by ".basename(__FILE__)."\nSUGAR.eapm = ".json_encode($apiFullList).";\n\n");
         fclose($fd);
         rename(sugar_cached('include/externalAPI.cache-tmp.js'), sugar_cached('include/externalAPI.cache.js'));

include/language/jsLanguage.php

@@ -100,7 +100,7 @@ public static function createModuleStringsCache($moduleDir, $lang = 'en_us', $re
 
         $cacheDir = create_cache_directory('jsLanguage/' . $moduleDir . '/');
 
-        if ($fh = @fopen($cacheDir . $lang . '.js', "w")) {
+        if ($fh = @fopen($cacheDir . $lang . '.js', 'wb')) {
             fputs($fh, $str);
             fclose($fh);
         }

include/nusoap/class.soap_server.php

@@ -333,7 +333,7 @@ public function service($data)
                     } else {
                         $filename = substr($this->externalWSDLURL, $pos + 7);
                     }
-                    $fp = fopen($this->externalWSDLURL, 'r');
+                    $fp = fopen($this->externalWSDLURL, 'rb');
                     fpassthru($fp);
                 }
             } elseif ($this->wsdl) {

include/nusoap/class.wsdlcache.php

@@ -145,7 +145,7 @@ public function get($wsdl)
                 $this->releaseMutex($filename);
                 return null;
             }
-            $fp = @fopen($filename, "r");
+            $fp = @fopen($filename, 'rb');
             if ($fp) {
                 $s = implode("", @file($filename));
                 fclose($fp);
@@ -176,7 +176,7 @@ public function obtainMutex($filename, $mode)
             $this->debug("Lock for $filename already exists");
             return false;
         }
-        $this->fplock[md5($filename)] = fopen($filename.".lock", "w");
+        $this->fplock[md5($filename)] = fopen($filename.".lock", 'wb');
         if ($mode == "r") {
             return flock($this->fplock[md5($filename)], LOCK_SH);
         }
@@ -195,7 +195,7 @@ public function put($wsdl_instance)
         $filename = $this->createFilename($wsdl_instance->wsdl);
         $s = serialize($wsdl_instance);
         if ($this->obtainMutex($filename, "w")) {
-            $fp = fopen($filename, "w");
+            $fp = fopen($filename, 'wb');
             if (! $fp) {
                 $this->debug("Cannot write $wsdl_instance->wsdl ($filename) in cache");
                 $this->releaseMutex($filename);

include/nusoap/nusoap.php

@@ -5072,7 +5072,7 @@ public function service($data)
                     } else {
                         $filename = substr($this->externalWSDLURL, $pos + 7);
                     }
-                    $fp = fopen($this->externalWSDLURL, 'r');
+                    $fp = fopen($this->externalWSDLURL, 'rb');
                     fpassthru($fp);
                 }
             } elseif ($this->wsdl) {
@@ -6392,7 +6392,7 @@ public function parseWSDL($wsdl = '')
                 $path = $wsdl;
             }
             $this->debug('getting WSDL file ' . $path);
-            if ($fp = @fopen($path, 'r')) {
+            if ($fp = @fopen($path, 'rb')) {
                 $wsdl_string = '';
                 while ($data = fread($fp, 32768)) {
                     $wsdl_string .= $data;

include/parsecsv.lib.php

@@ -842,7 +842,7 @@ public function _check_count($char, $array, $depth, $preferred)
     public function _rfile($file = null)
     {
         if (is_readable($file)) {
-            if (!($fh = fopen($file, 'r'))) {
+            if (!($fh = fopen($file, 'rb'))) {
                 return false;
             }
             $data = fread($fh, filesize($file));

include/tcpdf/tcpdf.php

@@ -14317,7 +14317,7 @@ public function rollbackTransaction()
                     // truncate files to previous values
                     foreach ($this->objcopy->cache_file_lenght as $file => $lenght) {
                         $file = substr($file, 1);
-                        $handle = fopen($file, 'r+');
+                        $handle = fopen($file, 'rb+');
                         ftruncate($handle, $lenght);
                     }
                 }

install/install_utils.php

@@ -1032,7 +1032,7 @@ function handleHtaccess()
 </IfModule>
 EOQ;
     if (file_exists($htaccess_file)) {
-        $fp = fopen($htaccess_file, 'r');
+        $fp = fopen($htaccess_file, 'rb');
         $skip = false;
         while ($line = fgets($fp)) {
             if (preg_match("/\s*#\s*BEGIN\s*SUGARCRM\s*RESTRICTIONS/i", $line)) {

jssource/minify_utils.php

@@ -127,14 +127,14 @@ function ConcatenateFiles($from_path)
                             if (function_exists('sugar_fopen')) {
                                 $trgt_handle = sugar_fopen($trgt, 'a');
                             } else {
-                                $trgt_handle = fopen($trgt, 'a');
+                                $trgt_handle = fopen($trgt, 'ab');
                             }
                         } else {
                             //open target file
                             if (function_exists('sugar_fopen')) {
                                 $trgt_handle = sugar_fopen($trgt, 'w');
                             } else {
-                                $trgt_handle = fopen($trgt, 'w');
+                                $trgt_handle = fopen($trgt, 'wb');
                             }
                         }
                     } else {
@@ -147,7 +147,7 @@ function ConcatenateFiles($from_path)
                         if (function_exists('sugar_fopen')) {
                             $trgt_handle = @sugar_fopen($trgt, 'w');
                         } else {
-                            $trgt_handle = @fopen($trgt, 'w');
+                            $trgt_handle = @fopen($trgt, 'wb');
                         }
 
                         // todo: make this failure more friendly.  Ideally, it will display a
@@ -268,7 +268,7 @@ function CompressFiles($from_path, $to_path)
                 if (function_exists('sugar_fopen')) {
                     $file_handle = sugar_fopen($from_path, 'r');
                 } else {
-                    $file_handle = fopen($from_path, 'r');
+                    $file_handle = fopen($from_path, 'rb');
                 }
                 if ($file_handle) {
                     $beg = false;

modules/AOD_Index/Lib/Zend/Search/Lucene/Analysis/TokenFilter/StopWords.php

@@ -83,7 +83,7 @@ public function loadFromFile($filepath = null)
             require_once 'Zend/Search/Lucene/Exception.php';
             throw new Zend_Search_Lucene_Exception('You have to provide valid file path');
         }
-        $fd = fopen($filepath, "r");
+        $fd = fopen($filepath, 'rb');
         if (! $fd) {
             require_once 'Zend/Search/Lucene/Exception.php';
             throw new Zend_Search_Lucene_Exception('Cannot open file ' . $filepath);

modules/AOD_Index/LuceneUtils.php

@@ -89,7 +89,7 @@ function createDocXDocument($path)
  */
 function createDocDocument($path)
 {
-    $fileHandle = fopen($path, "r");
+    $fileHandle = fopen($path, 'rb');
     $line = @fread($fileHandle, filesize($path));
     $lines = explode(chr(0x0D), $line);
     $outtext = "";

modules/AOR_Charts/lib/pChart/class/pBarcode128.class.php

@@ -28,7 +28,7 @@ public function pBarcode128($BasePath="")
          $this->Codes   = "";
          $this->Reverse = "";
 
-         $FileHandle = @fopen($BasePath."data/128B.db", "r");
+         $FileHandle = @fopen($BasePath."data/128B.db", 'rb');
 
          if (!$FileHandle) {
              die("Cannot find barcode database (".$BasePath."128B.db).");

modules/AOR_Charts/lib/pChart/class/pBarcode39.class.php

@@ -30,7 +30,7 @@ public function pBarcode39($BasePath="", $EnableMOD43=false)
          $this->Codes   = "";
          $this->Reverse = "";
 
-         $FileHandle = @fopen($BasePath."data/39.db", "r");
+         $FileHandle = @fopen($BasePath."data/39.db", 'rb');
 
          if (!$FileHandle) {
              die("Cannot find barcode database (".$BasePath."data/39.db).");

modules/AOR_Charts/lib/pChart/class/pCache.class.php

@@ -74,17 +74,17 @@ public function writeToCache($ID, $pChartObject)
          $DBSize      = filesize($Database);
 
          /* Save the index */
-         $Handle = fopen($Index, "a");
+         $Handle = fopen($Index, 'ab');
          fwrite($Handle, $ID.",".$DBSize.",".$PictureSize.",".time().",0      \r\n");
          fclose($Handle);
 
          /* Get the picture raw contents */
-         $Handle = fopen($TemporaryFile, "r");
+         $Handle = fopen($TemporaryFile, 'rb');
          $Raw    = fread($Handle, $PictureSize);
          fclose($Handle);
 
          /* Save the picture in the solid database file */
-         $Handle = fopen($Database, "a");
+         $Handle = fopen($Database, 'ab');
          fwrite($Handle, $Raw);
          fclose($Handle);
 
@@ -137,10 +137,10 @@ public function dbRemoval($Settings)
          }
 
          /* Open the file handles */
-         $IndexHandle     = @fopen($Index, "r");
-         $IndexTempHandle = @fopen($IndexTemp, "w");
-         $DBHandle        = @fopen($Database, "r");
-         $DBTempHandle    = @fopen($DatabaseTemp, "w");
+         $IndexHandle     = @fopen($Index, 'rb');
+         $IndexTempHandle = @fopen($IndexTemp, 'wb');
+         $DBHandle        = @fopen($Database, 'rb');
+         $DBTempHandle    = @fopen($DatabaseTemp, 'wb');
 
          /* Remove the selected ID from the database */
          while (!feof($IndexHandle)) {
@@ -188,7 +188,7 @@ public function isInCache($ID, $Verbose=false, $UpdateHitsCount=false)
          $Index = $this->CacheFolder."/".$this->CacheIndex;
 
          /* Search the picture in the index file */
-         $Handle = @fopen($Index, "r");
+         $Handle = @fopen($Index, 'rb');
          while (!feof($Handle)) {
              $IndexPos = ftell($Handle);
              $Entry = fgets($Handle, 4096);
@@ -209,7 +209,7 @@ public function isInCache($ID, $Verbose=false, $UpdateHitsCount=false)
                              $Hits = $Hits.str_repeat(" ", 7-strlen($Hits));
                          }
 
-                         $Handle = @fopen($Index, "r+");
+                         $Handle = @fopen($Index, 'rb+');
                          fseek($Handle, $IndexPos);
                          fwrite($Handle, $PicID.",".$DBPos.",".$PicSize.",".$GeneratedTS.",".$Hits."\r\n");
                          fclose($Handle);
@@ -265,7 +265,7 @@ public function saveFromCache($ID, $Destination)
          }
 
          /* Flush the picture to a file */
-         $Handle = fopen($Destination, "w");
+         $Handle = fopen($Destination, 'wb');
          fwrite($Handle, $Picture);
          fclose($Handle);
 
@@ -291,7 +291,7 @@ public function getFromCache($ID)
          $PicSize = $CacheInfo["PicSize"];
 
          /* Extract the picture from the solid cache file */
-         $Handle = @fopen($Database, "r");
+         $Handle = @fopen($Database, 'rb');
          fseek($Handle, $DBPos);
          $Picture = fread($Handle, $PicSize);
          fclose($Handle);

modules/AOR_Charts/lib/pChart/class/pData.class.php

@@ -721,7 +721,7 @@ public function loadPalette($FileName, $Overwrite=false)
              $this->Palette = "";
          }
 
-         $fileHandle = @fopen($FileName, "r");
+         $fileHandle = @fopen($FileName, 'rb');
          if (!$fileHandle) {
              return(-1);
          }
@@ -867,7 +867,7 @@ public function importFromCSV($FileName, $Options="")
          $SkipColumns	= isset($Options["SkipColumns"]) ? $Options["SkipColumns"] : array(-1);
          $DefaultSerieName	= isset($Options["DefaultSerieName"]) ? $Options["DefaultSerieName"] : "Serie";
 
-         $Handle = @fopen($FileName, "r");
+         $Handle = @fopen($FileName, 'rb');
          if ($Handle) {
              $HeaderParsed = false;
              $SerieNames = "";