diff options
author | Greg Beaver <cellog@php.net> | 2009-11-11 21:02:59 +0000 |
---|---|---|
committer | Greg Beaver <cellog@php.net> | 2009-11-11 21:02:59 +0000 |
commit | 01d9f2c9cefcea3e2742c69cb4968f9b535e6385 (patch) | |
tree | 9882e95aed7a007231da734d780f4fd4e95cc7ea | |
parent | 9933df614a0bde07f4384b1a6ab9356007b5b72f (diff) | |
download | php-git-01d9f2c9cefcea3e2742c69cb4968f9b535e6385.tar.gz |
fix PHP Bug #49910: no support for ././@LongLink for long filenames in phar tar support
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | ext/phar/php_phar.h | 2 | ||||
-rw-r--r-- | ext/phar/tar.c | 51 | ||||
-rw-r--r-- | ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz | bin | 0 -> 30191 bytes |
4 files changed, 52 insertions, 3 deletions
@@ -26,6 +26,8 @@ PHP NEWS (Felipe) - Fixed bug #50073 (parse_url() incorrect when ? in fragment). (Ilia) - Fixed bug #50023 (pdo_mysql doesn't use PHP_MYSQL_UNIX_SOCK_ADDR). (Ilia) +- Fixed bug #49910 (no support for ././@LongLink for long filenames in phar + tar support). (Greg) - Fixed bug #49908 (throwing exception in __autoload crashes when interface is not defined). (Felipe) - Fixed bug #49719 (ReflectionClass::hasProperty returns true for a private diff --git a/ext/phar/php_phar.h b/ext/phar/php_phar.h index c8535fb7f4..e765ad4c5c 100644 --- a/ext/phar/php_phar.h +++ b/ext/phar/php_phar.h @@ -22,7 +22,7 @@ #ifndef PHP_PHAR_H #define PHP_PHAR_H -#define PHP_PHAR_VERSION "2.0.0" +#define PHP_PHAR_VERSION "2.0.1" #include "ext/standard/basic_functions.h" extern zend_module_entry phar_module_entry; diff --git a/ext/phar/tar.c b/ext/phar/tar.c index 383356fb93..53255b1d2d 100644 --- a/ext/phar/tar.c +++ b/ext/phar/tar.c @@ -200,6 +200,7 @@ int phar_parse_tarfile(php_stream* fp, char *fname, int fname_len, char *alias, tar_header *hdr; php_uint32 sum1, sum2, size, old; phar_archive_data *myphar, **actual; + int last_was_longlink = 0; if (error) { *error = NULL; @@ -332,7 +333,52 @@ bail: goto bail; } - if (!old && hdr->prefix[0] != 0) { + if (!last_was_longlink && hdr->typeflag == 'L') { + last_was_longlink = 1; + /* support the ././@LongLink system for storing long filenames */ + entry.filename_len = entry.uncompressed_filesize; + entry.filename = pemalloc(entry.filename_len+1, myphar->is_persistent); + + read = php_stream_read(fp, entry.filename, entry.filename_len); + if (read != entry.filename_len) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + entry.filename[entry.filename_len] = '\0'; + + /* skip blank stuff */ + size = ((size+511)&~511) - size; + + /* this is not good enough - seek succeeds even on truncated tars */ + php_stream_seek(fp, size, SEEK_CUR); + if ((uint)php_stream_tell(fp) > totalsize) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + + read = php_stream_read(fp, buf, sizeof(buf)); + + if (read != sizeof(buf)) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + continue; + } else if (!last_was_longlink && !old && hdr->prefix[0] != 0) { char name[256]; int i, j; @@ -357,7 +403,7 @@ bail: entry.filename_len--; } entry.filename = pestrndup(name, entry.filename_len, myphar->is_persistent); - } else { + } else if (!last_was_longlink) { int i; /* calculate strlen, which can be no longer than 100 */ @@ -375,6 +421,7 @@ bail: entry.filename_len--; } } + last_was_longlink = 0; phar_add_virtual_dirs(myphar, entry.filename, entry.filename_len TSRMLS_CC); diff --git a/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz b/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz Binary files differnew file mode 100644 index 0000000000..fa14f0c6a3 --- /dev/null +++ b/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz |