diff options
-rw-r--r-- | NEWS | 5 | ||||
-rw-r--r-- | ext/mysqli/mysqli_nonapi.c | 6 | ||||
-rw-r--r-- | ext/phar/php_phar.h | 2 | ||||
-rw-r--r-- | ext/phar/tar.c | 51 | ||||
-rw-r--r-- | ext/phar/tests/tar/bug49910.phpt | 50 | ||||
-rw-r--r-- | ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz | bin | 0 -> 30191 bytes | |||
-rw-r--r-- | php.ini-development | 2 | ||||
-rw-r--r-- | php.ini-production | 2 |
8 files changed, 111 insertions, 7 deletions
@@ -5,10 +5,13 @@ PHP NEWS - Fixed bug #50063 (safe_mode_include_dir fails). (Johannes, christian at elmerot dot se) +- Fixed bug #49910 (no support for ././@LongLink for long filenames in phar + tar support). (Greg) +- Fixed bug #49098 (mysqli segfault on error) (Rasmus) 03 Nov 2009, PHP 5.3.1 RC3 - Added "max_file_uploads" INI directive, which can be set to limit the - number of file uploads per-request to 100 by default, to prevent possible + number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. (Ilia) - Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c index 187b9bec30..9b384132fc 100644 --- a/ext/mysqli/mysqli_nonapi.c +++ b/ext/mysqli/mysqli_nonapi.c @@ -46,7 +46,11 @@ static void php_mysqli_set_error(long mysql_errno, char *mysql_err TSRMLS_DC) if (MyG(error_msg)) { efree(MyG(error_msg)); } - MyG(error_msg) = estrdup(mysql_err); + if(mysql_err && *mysql_err) { + MyG(error_msg) = estrdup(mysql_err); + } else { + MyG(error_msg) = NULL; + } } /* }}} */ diff --git a/ext/phar/php_phar.h b/ext/phar/php_phar.h index c8535fb7f4..e765ad4c5c 100644 --- a/ext/phar/php_phar.h +++ b/ext/phar/php_phar.h @@ -22,7 +22,7 @@ #ifndef PHP_PHAR_H #define PHP_PHAR_H -#define PHP_PHAR_VERSION "2.0.0" +#define PHP_PHAR_VERSION "2.0.1" #include "ext/standard/basic_functions.h" extern zend_module_entry phar_module_entry; diff --git a/ext/phar/tar.c b/ext/phar/tar.c index 383356fb93..53255b1d2d 100644 --- a/ext/phar/tar.c +++ b/ext/phar/tar.c @@ -200,6 +200,7 @@ int phar_parse_tarfile(php_stream* fp, char *fname, int fname_len, char *alias, tar_header *hdr; php_uint32 sum1, sum2, size, old; phar_archive_data *myphar, **actual; + int last_was_longlink = 0; if (error) { *error = NULL; @@ -332,7 +333,52 @@ bail: goto bail; } - if (!old && hdr->prefix[0] != 0) { + if (!last_was_longlink && hdr->typeflag == 'L') { + last_was_longlink = 1; + /* support the ././@LongLink system for storing long filenames */ + entry.filename_len = entry.uncompressed_filesize; + entry.filename = pemalloc(entry.filename_len+1, myphar->is_persistent); + + read = php_stream_read(fp, entry.filename, entry.filename_len); + if (read != entry.filename_len) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + entry.filename[entry.filename_len] = '\0'; + + /* skip blank stuff */ + size = ((size+511)&~511) - size; + + /* this is not good enough - seek succeeds even on truncated tars */ + php_stream_seek(fp, size, SEEK_CUR); + if ((uint)php_stream_tell(fp) > totalsize) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + + read = php_stream_read(fp, buf, sizeof(buf)); + + if (read != sizeof(buf)) { + efree(entry.filename); + if (error) { + spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); + } + php_stream_close(fp); + phar_destroy_phar_data(myphar TSRMLS_CC); + return FAILURE; + } + continue; + } else if (!last_was_longlink && !old && hdr->prefix[0] != 0) { char name[256]; int i, j; @@ -357,7 +403,7 @@ bail: entry.filename_len--; } entry.filename = pestrndup(name, entry.filename_len, myphar->is_persistent); - } else { + } else if (!last_was_longlink) { int i; /* calculate strlen, which can be no longer than 100 */ @@ -375,6 +421,7 @@ bail: entry.filename_len--; } } + last_was_longlink = 0; phar_add_virtual_dirs(myphar, entry.filename, entry.filename_len TSRMLS_CC); diff --git a/ext/phar/tests/tar/bug49910.phpt b/ext/phar/tests/tar/bug49910.phpt new file mode 100644 index 0000000000..6fb66a50a0 --- /dev/null +++ b/ext/phar/tests/tar/bug49910.phpt @@ -0,0 +1,50 @@ +--TEST-- +Bug #49910: no support for ././@LongLink for long filenames in phar tar support +--SKIPIF-- +<?php if (!extension_loaded("phar")) die("skip"); ?> +<?php if (!extension_loaded("zlib")) die("skip"); ?> +--FILE-- +<?php +$fname = str_replace('\\', '/', dirname(__FILE__) . '/files/Structures_Graph-1.0.3.tgz'); +$tar = new PharData($fname); +$files = array(); +foreach (new RecursiveIteratorIterator($tar) as $file) { + $files[] = str_replace($fname, '*', $file->getPathName()); +} +print_r($files); +?> +===DONE=== +--EXPECT-- +Array +( + [0] => phar://*/Structures_Graph-1.0.3/LICENSE + [1] => phar://*/Structures_Graph-1.0.3/Structures/Graph/Manipulator/AcyclicTest.php + [2] => phar://*/Structures_Graph-1.0.3/Structures/Graph/Manipulator/TopologicalSorter.php + [3] => phar://*/Structures_Graph-1.0.3/Structures/Graph/Node.php + [4] => phar://*/Structures_Graph-1.0.3/Structures/Graph.php + [5] => phar://*/Structures_Graph-1.0.3/docs/generate.sh + [6] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/Structures_Graph.html + [7] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/Structures_Graph_Manipulator_AcyclicTest.html + [8] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/Structures_Graph_Manipulator_TopologicalSorter.html + [9] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/Structures_Graph_Node.html + [10] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/_Structures_Graph_Manipulator_AcyclicTest_php.html + [11] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/_Structures_Graph_Manipulator_TopologicalSorter_php.html + [12] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/_Structures_Graph_Node_php.html + [13] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/_Structures_Graph_php.html + [14] => phar://*/Structures_Graph-1.0.3/docs/html/Structures_Graph/tutorial_Structures_Graph.pkg.html + [15] => phar://*/Structures_Graph-1.0.3/docs/html/classtrees_Structures_Graph.html + [16] => phar://*/Structures_Graph-1.0.3/docs/html/elementindex.html + [17] => phar://*/Structures_Graph-1.0.3/docs/html/elementindex_Structures_Graph.html + [18] => phar://*/Structures_Graph-1.0.3/docs/html/errors.html + [19] => phar://*/Structures_Graph-1.0.3/docs/html/index.html + [20] => phar://*/Structures_Graph-1.0.3/docs/html/li_Structures_Graph.html + [21] => phar://*/Structures_Graph-1.0.3/docs/html/media/banner.css + [22] => phar://*/Structures_Graph-1.0.3/docs/html/media/stylesheet.css + [23] => phar://*/Structures_Graph-1.0.3/docs/html/packages.html + [24] => phar://*/Structures_Graph-1.0.3/docs/html/todolist.html + [25] => phar://*/Structures_Graph-1.0.3/docs/tutorials/Structures_Graph/Structures_Graph.pkg + [26] => phar://*/Structures_Graph-1.0.3/tests/AllTests.php + [27] => phar://*/Structures_Graph-1.0.3/tests/testCase/BasicGraph.php + [28] => phar://*/package.xml +) +===DONE=== diff --git a/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz b/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz Binary files differnew file mode 100644 index 0000000000..fa14f0c6a3 --- /dev/null +++ b/ext/phar/tests/tar/files/Structures_Graph-1.0.3.tgz diff --git a/php.ini-development b/php.ini-development index a45b67042d..2eecc139ff 100644 --- a/php.ini-development +++ b/php.ini-development @@ -879,7 +879,7 @@ file_uploads = On upload_max_filesize = 2M ; Maximum number of files that can be uploaded via a single request -max_file_uploads = 100 +max_file_uploads = 20 ;;;;;;;;;;;;;;;;;; ; Fopen wrappers ; diff --git a/php.ini-production b/php.ini-production index 9104155c88..c84d830465 100644 --- a/php.ini-production +++ b/php.ini-production @@ -879,7 +879,7 @@ file_uploads = On upload_max_filesize = 2M ; Maximum number of files that can be uploaded via a single request -max_file_uploads = 100 +max_file_uploads = 20 ;;;;;;;;;;;;;;;;;; ; Fopen wrappers ; |