diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | ext/phar/tar.c | 9 | ||||
| -rw-r--r-- | ext/phar/tests/tar/files/P1-1.0.0.tgz | bin | 0 -> 1284 bytes | |||
| -rw-r--r-- | ext/phar/tests/tar/files/P1-1.0.0.tgz.pubkey | 9 | ||||
| -rw-r--r-- | ext/phar/tests/tar/tar_openssl_hash.phpt | 22 |
5 files changed, 39 insertions, 3 deletions
@@ -2,6 +2,8 @@ ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2009, PHP 5.3.1 +- Fixed bug #48681 (openssl signature verification for tar archives broken). + (Greg) - Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). (Kalle, Rick Yorgason) diff --git a/ext/phar/tar.c b/ext/phar/tar.c index 85c0649900..1869e5c6ea 100644 --- a/ext/phar/tar.c +++ b/ext/phar/tar.c @@ -255,6 +255,8 @@ int phar_parse_tarfile(php_stream* fp, char *fname, int fname_len, char *alias, phar_tar_number(hdr->size, sizeof(hdr->size)); if (((!old && hdr->prefix[0] == 0) || old) && strlen(hdr->name) == sizeof(".phar/signature.bin")-1 && !strncmp(hdr->name, ".phar/signature.bin", sizeof(".phar/signature.bin")-1)) { + off_t curloc; + if (size > 511) { if (error) { spprintf(error, 4096, "phar error: tar-based phar \"%s\" has signature that is larger than 511 bytes, cannot process", fname); @@ -264,6 +266,7 @@ bail: phar_destroy_phar_data(myphar TSRMLS_CC); return FAILURE; } + curloc = php_stream_tell(fp); read = php_stream_read(fp, buf, size); if (read != size) { if (error) { @@ -280,7 +283,7 @@ bail: #else # define PHAR_GET_32(buffer) (php_uint32) *(buffer) #endif - if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, PHAR_GET_32(buf), buf + 8, PHAR_GET_32(buf + 4), fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { + if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, PHAR_GET_32(buf), buf + 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { if (error) { char *save = *error; spprintf(error, 4096, "phar error: tar-based phar \"%s\" signature cannot be verified: %s", fname, save); @@ -288,11 +291,11 @@ bail: } goto bail; } + php_stream_seek(fp, curloc + 512, SEEK_SET); /* signature checked out, let's ensure this is the last file in the phar */ - size = ((size+511)&~511) + 512; if (((hdr->typeflag == '\0') || (hdr->typeflag == TAR_FILE)) && size > 0) { /* this is not good enough - seek succeeds even on truncated tars */ - php_stream_seek(fp, size, SEEK_CUR); + php_stream_seek(fp, 512, SEEK_CUR); if ((uint)php_stream_tell(fp) > totalsize) { if (error) { spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (truncated)", fname); diff --git a/ext/phar/tests/tar/files/P1-1.0.0.tgz b/ext/phar/tests/tar/files/P1-1.0.0.tgz Binary files differnew file mode 100644 index 0000000000..1d9cae4398 --- /dev/null +++ b/ext/phar/tests/tar/files/P1-1.0.0.tgz diff --git a/ext/phar/tests/tar/files/P1-1.0.0.tgz.pubkey b/ext/phar/tests/tar/files/P1-1.0.0.tgz.pubkey new file mode 100644 index 0000000000..eb59bdd26a --- /dev/null +++ b/ext/phar/tests/tar/files/P1-1.0.0.tgz.pubkey @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4drcwddPs6LmIbdT1ifT +Ev8HXh1Fk1yNusCDoCX6mYkgqvCmx02F/9k5q7n6CPblTcF5mdDI8kcRrUHmyXtD +9X0d7RN7BakZMPH5KPaNkXiXsI9YGSb39AnZgYw01n6u0W6Ohha+KwOsrxkKCF4u +LjPLQAlM+3uD8y9Tz2fF+pAE901kHrd3ue7a5i5EtW0bzl5QfxnwFZXAO0StQ9dF +slzibRH+1pFjMRxDnlgYmLQF6jMWm9Ty6x9UH9HZ3E3F9QZEQVXWT9y/pe30HcAX +YxAGZjPIx19UNPF5C+Nps6MjxNRht0pGXTL9sptYoiNjRiXAS0y4FM+8K6xvBIOF +ZQIDAQAB +-----END PUBLIC KEY----- diff --git a/ext/phar/tests/tar/tar_openssl_hash.phpt b/ext/phar/tests/tar/tar_openssl_hash.phpt new file mode 100644 index 0000000000..49ef77a44b --- /dev/null +++ b/ext/phar/tests/tar/tar_openssl_hash.phpt @@ -0,0 +1,22 @@ +--TEST-- +Phar: tar archive, require_hash=1, OpenSSL hash +--SKIPIF-- +<?php if (!extension_loaded('phar')) die('skip'); ?> +<?php if (!extension_loaded("spl")) die("skip SPL not available"); ?> +<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?> +<?php if (!extension_loaded("openssl")) die("skip openssl not available"); ?> +--INI-- +phar.readonly=1 +phar.require_hash=1 +--FILE-- +<?php +try { + $phar = new PharData(dirname(__FILE__) . '/files/P1-1.0.0.tgz'); +} catch (Exception $e) { + echo $e->getMessage()."\n"; +} + +?> +===DONE=== +--EXPECT-- +===DONE=== |