Title: Recursive Bug in ITSEC_Lib_Directory::create Last modified: September 23, 2018 --- # Recursive Bug in ITSEC_Lib_Directory::create * [Jeff-Lewis](https://wordpress.org/support/users/jeff-lewis/) * (@jeff-lewis) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/) * When a user restores a WordPress DB or iThemes settings where the main iThemes Log directory is a completely different drive (D:\) that does not exist of the current machine, ITSEC_Lib_Directory::create lines 140-144 will go in an endless loop and eventually crash. Below is the code we have to apply to your plugin, file class-itsec-lib-directory.php starting line 139, after every update. * ``` $parent = dirname( $dir ); while ( ! empty( $parent ) && ( ! self::is_dir( $parent ) ) ) { $previousParent = $parent; $parent = dirname( $parent ); if($previousParent === $parent){ $parent = null; } } ``` - This topic was modified 7 years, 8 months ago by [Jeff-Lewis](https://wordpress.org/support/users/jeff-lewis/). Viewing 6 replies - 1 through 6 (of 6 total) * [nlpro](https://wordpress.org/support/users/nlpro/) * (@nlpro) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10717011) * Are the 2 envs both Windows platform ? * Or would this also be an issue when restoring from Windows platform to a linux env ? * [nlpro](https://wordpress.org/support/users/nlpro/) * (@nlpro) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10720950) * FYI * It turns out this very same bug is present in the WordPress Core wp_mkdir_p() function ! * ``` 1616| // We need to find the permissions of the parent folder that exists and inherit that. 1617| $target_parent = dirname( $target ); 1618| while ( '.' != $target_parent && ! is_dir( $target_parent ) ) { 1619| $target_parent = dirname( $target_parent ); 1620| } ``` * Thread Starter [Jeff-Lewis](https://wordpress.org/support/users/jeff-lewis/) * (@jeff-lewis) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10721909) * We get it on Windows. Haven’t tried linux. I’m surprised about wp_mkdir_p(). Did you file a bug? Thanks for the replies. * [nlpro](https://wordpress.org/support/users/nlpro/) * (@nlpro) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10724284) * Please ignore my previous post. The wp_mkdir_p() bug was recently fixed in the WordPress 4.9.5 release (#43417). * > Filesystem API > #43417 – Avoid an infinite loop in `wp_mkdir_p()` when trying to determine > the parent folder with `open_basedir` restriction in effect. * ``` // We need to find the permissions of the parent folder that exists and inherit that. $target_parent = dirname( $target ); while ( '.' != $target_parent && ! is_dir( $target_parent ) && dirname( $target_parent ) !== $target_parent ) { $target_parent = dirname( $target_parent ); } ``` * Notice the extra (3rd) condition. * There is an important lesson to learn from my mistake. This is what happened. I looked up the wp_mkdir_p() function in the **Code Reference** on developer. wordpress.org So basically navigated to [this](https://developer.wordpress.org/reference/functions/wp_mkdir_p/) link and then scrolled down to the **Source #** section. I then clicked on the** Expand full source code** link. It turns out the code displayed is for 4.9.0 ( as can be seen by hovering with the mouse cursor over the **View on Trac** link) while I thought I was looking at (latest minor release) 4.9.8 code … So all embedded code in the **Code Reference** on developer.wordpress.org links to the **LATEST MAJOR** WordPress release. * Anyway I think you can shorten your fix by implementing the same code from the fixed wp_mkdir_p() function 😉 * Thread Starter [Jeff-Lewis](https://wordpress.org/support/users/jeff-lewis/) * (@jeff-lewis) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10732915) * Ah, good to know about the Code Reference. Will you apply the same fix to ITSec? - This reply was modified 7 years, 8 months ago by [Jeff-Lewis](https://wordpress.org/support/users/jeff-lewis/). * [mmoore247](https://wordpress.org/support/users/mmoore247/) * (@mmoore247) * [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10733146) * Hi, * I am Michael from iThemes support. The developer wanted me to let you know that this will be fixed in the next release of iThemes Security. * Thanks! Michael Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Recursive Bug in ITSEC_Lib_Directory::create’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 6 replies * 3 participants * Last reply from: [mmoore247](https://wordpress.org/support/users/mmoore247/) * Last activity: [7 years, 8 months ago](https://wordpress.org/support/topic/recursive-bug-in-itsec_lib_directorycreate/#post-10733146) * Status: not resolved