Diffstat (limited to 'ext/phar')
-rw-r--r--ext/phar/phar.c10
-rw-r--r--ext/phar/phar_internal.h2
-rw-r--r--ext/phar/phar_object.c40
-rw-r--r--ext/phar/tar.c11
-rw-r--r--ext/phar/tests/badparameters.phpt18
-rw-r--r--ext/phar/tests/bug64931/bug64931.phpt7
-rwxr-xr-xext/phar/tests/bug70433.zipbin264 -> 269 bytes
-rw-r--r--ext/phar/tests/bug71488.phpt1
-rw-r--r--ext/phar/tests/bug71498.phpt17
-rw-r--r--ext/phar/tests/bug71498.zipbin0 -> 65677 bytes
-rw-r--r--ext/phar/tests/create_path_error.phpt3
-rw-r--r--ext/phar/tests/phar_extract.phpt2
-rw-r--r--ext/phar/tests/phar_isvalidpharfilename.phpt2
-rw-r--r--ext/phar/tests/phar_unlinkarchive.phpt2
-rw-r--r--ext/phar/tests/pharfileinfo_construct.phpt2
-rw-r--r--ext/phar/tests/tar/bug71317-duplicate-filename.phpt50
-rw-r--r--ext/phar/tests/tar/bug71504.phpt18
-rw-r--r--ext/phar/tests/tar/files/HTML_CSS-1.5.4.tgzbin0 -> 45553 bytes
-rw-r--r--ext/phar/zip.c2
19 files changed, 138 insertions, 49 deletions
diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index 71498b6a13..2b65a54ed9 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -2186,6 +2186,14 @@ int phar_split_fname(const char *filename, int filename_len, char **arch, int *a
#endif
int ext_len;
+ if (CHECK_NULL_PATH(filename, filename_len)) {
+ return FAILURE;
+ }
+
+ if (CHECK_NULL_PATH(filename, filename_len)) {
+ return FAILURE;
+ }
+
if (!strncasecmp(filename, "phar://", 7)) {
filename += 7;
filename_len -= 7;
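Review bot: The `CHECK_NULL_PATH(filename, filename_len)` guard is added twice in a row at the top of phar_split_fname, and the second copy can never fire once the first has passed. Keep a single `if (CHECK_NULL_PATH(filename, filename_len)) { return FAILURE; }` and put a short comment above it, for example `/* reject names with an embedded NUL before the prefix and extension parsing below */`, so the reason for the early return stays visible. The function body continues outside this hunk, so whether callers distinguish this FAILURE from the other failure paths cannot be judged from here.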
@@ -3212,7 +3220,7 @@ int phar_flush(phar_archive_data *phar, char *user_stub, zend_long len, int conv
#ifdef COMPILE_DL_PHAR
#ifdef ZTS
-ZEND_TSRMLS_CACHE_DEFINE();
+ZEND_TSRMLS_CACHE_DEFINE()
#endif
ZEND_GET_MODULE(phar)
#endif
diff --git a/ext/phar/phar_internal.h b/ext/phar/phar_internal.h
index 610482b290..cd562ea411 100644
--- a/ext/phar/phar_internal.h
+++ b/ext/phar/phar_internal.h
@@ -196,7 +196,7 @@ ZEND_EXTERN_MODULE_GLOBALS(phar)
#define PHAR_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(phar, v)
#if defined(ZTS) && defined(COMPILE_DL_PHAR)
-ZEND_TSRMLS_CACHE_EXTERN();
+ZEND_TSRMLS_CACHE_EXTERN()
#endif
#include "pharzip.h"
diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 249fbff4de..ebacc88db1 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -450,7 +450,7 @@ PHP_METHOD(Phar, mount)
size_t path_len, actual_len;
phar_archive_data *pphar;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &path, &path_len, &actual, &actual_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "pp", &path, &path_len, &actual, &actual_len) == FAILURE) {
return;
}
@@ -929,7 +929,7 @@ PHP_METHOD(Phar, createDefaultStub)
zend_string *stub;
size_t index_len = 0, webindex_len = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "|ss", &index, &index_len, &webindex, &webindex_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "|pp", &index, &index_len, &webindex, &webindex_len) == FAILURE) {
return;
}
@@ -973,7 +973,7 @@ PHP_METHOD(Phar, loadPhar)
char *fname, *alias = NULL, *error;
size_t fname_len, alias_len = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s!", &fname, &fname_len, &alias, &alias_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s!", &fname, &fname_len, &alias, &alias_len) == FAILURE) {
return;
}
@@ -1053,7 +1053,7 @@ PHP_METHOD(Phar, isValidPharFilename)
int ext_len, is_executable;
zend_bool executable = 1;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|b", &fname, &fname_len, &executable) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|b", &fname, &fname_len, &executable) == FAILURE) {
return;
}
@@ -1120,11 +1120,11 @@ PHP_METHOD(Phar, __construct)
is_data = instanceof_function(Z_OBJCE_P(zobj), phar_ce_data);
if (is_data) {
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s|ls!l", &fname, &fname_len, &flags, &alias, &alias_len, &format) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p|ls!l", &fname, &fname_len, &flags, &alias, &alias_len, &format) == FAILURE) {
return;
}
} else {
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s|ls!", &fname, &fname_len, &flags, &alias, &alias_len) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p|ls!", &fname, &fname_len, &flags, &alias, &alias_len) == FAILURE) {
return;
}
}
@@ -1292,7 +1292,7 @@ PHP_METHOD(Phar, unlinkArchive)
int zname_len, arch_len, entry_len;
phar_archive_data *phar;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
RETURN_FALSE;
}
@@ -1707,7 +1707,7 @@ PHP_METHOD(Phar, buildFromDirectory)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &dir, &dir_len, &regex, &regex_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s", &dir, &dir_len, &regex, &regex_len) == FAILURE) {
RETURN_FALSE;
}
@@ -2554,7 +2554,7 @@ PHP_METHOD(Phar, delete)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
RETURN_FALSE;
}
@@ -3368,7 +3368,7 @@ PHP_METHOD(Phar, copy)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &oldfile, &oldfile_len, &newfile, &newfile_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "pp", &oldfile, &oldfile_len, &newfile, &newfile_len) == FAILURE) {
return;
}
@@ -3468,7 +3468,7 @@ PHP_METHOD(Phar, offsetExists)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3506,7 +3506,7 @@ PHP_METHOD(Phar, offsetGet)
zend_string *sfname;
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3653,8 +3653,8 @@ PHP_METHOD(Phar, offsetSet)
return;
}
- if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS(), "sr", &fname, &fname_len, &zresource) == FAILURE
- && zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &fname, &fname_len, &cont_str, &cont_len) == FAILURE) {
+ if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS(), "pr", &fname, &fname_len, &zresource) == FAILURE
+ && zend_parse_parameters(ZEND_NUM_ARGS(), "ps", &fname, &fname_len, &cont_str, &cont_len) == FAILURE) {
return;
}
@@ -3692,7 +3692,7 @@ PHP_METHOD(Phar, offsetUnset)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3739,7 +3739,7 @@ PHP_METHOD(Phar, addEmptyDir)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &dirname, &dirname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &dirname, &dirname_len) == FAILURE) {
return;
}
@@ -3764,7 +3764,7 @@ PHP_METHOD(Phar, addFile)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &fname, &fname_len, &localname, &localname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s", &fname, &fname_len, &localname, &localname_len) == FAILURE) {
return;
}
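Review bot: In Phar::addFile only `fname` moves to the `p` specifier; the optional `localname` is still parsed with `s`, whereas Phar::addFromString in the next hunk now parses its `localname` with `p`. Both values appear to be the entry name stored inside the archive, so the two entry points would treat an embedded NUL in that name differently unless the code after this hunk rejects it. If no later check exists, `"p|p"` would make the two methods consistent; if one does exist, a one-line comment here saying where `localname` is validated would be enough.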
@@ -3799,7 +3799,7 @@ PHP_METHOD(Phar, addFromString)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &localname, &localname_len, &cont_str, &cont_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "ps", &localname, &localname_len, &cont_str, &cont_len) == FAILURE) {
return;
}
@@ -4214,7 +4214,7 @@ PHP_METHOD(Phar, extractTo)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|z!b", &pathto, &pathto_len, &zval_files, &overwrite) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|z!b", &pathto, &pathto_len, &zval_files, &overwrite) == FAILURE) {
return;
}
@@ -4346,7 +4346,7 @@ PHP_METHOD(PharFileInfo, __construct)
phar_archive_data *phar_data;
zval *zobj = getThis(), arg1;
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
diff --git a/ext/phar/tar.c b/ext/phar/tar.c
index 3b7373f6fa..e40739726b 100644
--- a/ext/phar/tar.c
+++ b/ext/phar/tar.c
@@ -498,14 +498,9 @@ bail:
entry.link = estrndup(hdr->linkname, linkname_len);
}
phar_set_inode(&entry);
- if ((newentry = zend_hash_str_add_mem(&myphar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info))) == NULL) {
- if (error) {
- spprintf(error, 4096, "phar error: tar-based phar \"%s\" cannot be registered", entry.filename);
- }
- php_stream_close(fp);
- phar_destroy_phar_data(myphar);
- return FAILURE;
- }
+
+ newentry = zend_hash_str_update_mem(&myphar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info));
+ ZEND_ASSERT(newentry != NULL);
if (entry.is_persistent) {
++entry.manifest_pos;
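Review bot: The switch from `zend_hash_str_add_mem` to `zend_hash_str_update_mem` changes what happens to a repeated filename from "fail the whole archive" to "the later entry replaces the earlier one", and nothing at the call site says so. A comment such as `/* tar archives may repeat a filename; the last entry wins (bug #71317) */` would document the intent, which the new bug71317 test pins to the content `file2a`. Also note that `ZEND_ASSERT(newentry != NULL)` is only checked in debug builds, so it records an invariant rather than guarding the uses of `newentry` that follow outside this hunk. It would be worth confirming that the replaced entry's `filename` and `link` allocations are released when the manifest slot is overwritten, since the visible lines do not show that.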
diff --git a/ext/phar/tests/badparameters.phpt b/ext/phar/tests/badparameters.phpt
index a1a9fb78a0..4d0887f66f 100644
--- a/ext/phar/tests/badparameters.phpt
+++ b/ext/phar/tests/badparameters.phpt
@@ -147,19 +147,19 @@ echo $e->getMessage() . "\n";
--EXPECTF--
Warning: Phar::mungServer() expects parameter 1 to be array, %string given in %sbadparameters.php on line %d
-Warning: Phar::createDefaultStub() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::createDefaultStub() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::loadPhar() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::loadPhar() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::canCompress() expects parameter 1 to be integer, %string given in %sbadparameters.php on line %d
-Exception: Phar::__construct() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Exception: Phar::__construct() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::convertToExecutable() expects parameter 1 to be integer, array given in %sbadparameters.php on line %d
Warning: Phar::convertToData() expects parameter 1 to be integer, array given in %sbadparameters.php on line %d
-Warning: PharData::delete() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: PharData::delete() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Cannot write out phar archive, phar is read-only
Entry oops does not exist and cannot be deleted
%sfiles/frontcontroller10.phar
@@ -186,18 +186,18 @@ Phar is readonly, cannot change compression
Warning: Phar::copy() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
Cannot copy "a" to "b", phar is read-only
-Warning: Phar::offsetExists() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::offsetExists() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::offsetGet() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::offsetGet() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::offsetSet() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
-Warning: PharData::offsetUnset() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: PharData::offsetUnset() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Write operations disabled by the php.ini setting phar.readonly
-Warning: Phar::addEmptyDir() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::addEmptyDir() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::addFile() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::addFile() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::addFromString() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
Write operations disabled by the php.ini setting phar.readonly
diff --git a/ext/phar/tests/bug64931/bug64931.phpt b/ext/phar/tests/bug64931/bug64931.phpt
index 9c1f9dcaf1..630746cdf8 100644
--- a/ext/phar/tests/bug64931/bug64931.phpt
+++ b/ext/phar/tests/bug64931/bug64931.phpt
@@ -48,11 +48,12 @@ try {
<?php
@unlink(__DIR__."/bug64931.phar");
?>
---EXPECT--
+--EXPECTF--
Test
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
-CAUGHT: Cannot create any files in magic ".phar" directory
-===DONE=== \ No newline at end of file
+
+Warning: Phar::addFromString() expects parameter 1 to be a valid path, string given in %s%ebug64931.php on line %d
+===DONE===
diff --git a/ext/phar/tests/bug70433.zip b/ext/phar/tests/bug70433.zip
index 3994a30a8e..232a2210f5 100755
--- a/ext/phar/tests/bug70433.zip
+++ b/ext/phar/tests/bug70433.zip
Binary files differ
diff --git a/ext/phar/tests/bug71488.phpt b/ext/phar/tests/bug71488.phpt
index 05fdd8f481..22d2bf098f 100644
--- a/ext/phar/tests/bug71488.phpt
+++ b/ext/phar/tests/bug71488.phpt
@@ -7,6 +7,7 @@ Phar: bug #71488: Stack overflow when decompressing tar archives
$p = new PharData(__DIR__."/bug71488.tar");
$newp = $p->decompress("test");
?>
+
DONE
--CLEAN--
<?php
diff --git a/ext/phar/tests/bug71498.phpt b/ext/phar/tests/bug71498.phpt
new file mode 100644
index 0000000000..4157ac20b6
--- /dev/null
+++ b/ext/phar/tests/bug71498.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Phar: bug #71498: Out-of-Bound Read in phar_parse_zipfile()
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--FILE--
+<?php
+try {
+$p = new PharData(__DIR__."/bug71498.zip");
+} catch(UnexpectedValueException $e) {
+ echo $e->getMessage();
+}
+?>
+
+DONE
+--EXPECTF--
+phar error: end of central directory not found in zip-based phar "%s%ebug71498.zip"
+DONE
diff --git a/ext/phar/tests/bug71498.zip b/ext/phar/tests/bug71498.zip
new file mode 100644
index 0000000000..ae78dd871e
--- /dev/null
+++ b/ext/phar/tests/bug71498.zip
Binary files differ
diff --git a/ext/phar/tests/create_path_error.phpt b/ext/phar/tests/create_path_error.phpt
index fe2cd3e22b..3449b07fc6 100644
--- a/ext/phar/tests/create_path_error.phpt
+++ b/ext/phar/tests/create_path_error.phpt
@@ -80,6 +80,5 @@ string(5) "query"
11:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
12:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
13:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
-Exception: Entry a does not exist and cannot be created: phar error: invalid path "a" contains illegal character
-===DONE===
+Error: Phar::offsetSet() expects parameter 1 to be a valid path, string given===DONE===
diff --git a/ext/phar/tests/phar_extract.phpt b/ext/phar/tests/phar_extract.phpt
index bc545236fd..f7d1403d59 100644
--- a/ext/phar/tests/phar_extract.phpt
+++ b/ext/phar/tests/phar_extract.phpt
@@ -138,7 +138,7 @@ string(3) "hi2"
bool(false)
Invalid argument, expected a filename (string) or array of filenames
-Warning: Phar::extractTo() expects parameter 1 to be %string, array given in %sphar_extract.php on line %d
+Warning: Phar::extractTo() expects parameter 1 to be a valid path, array given in %sphar_extract.php on line %d
Invalid argument, extraction path must be non-zero length
Unable to use path "%soops" for extraction, it is a file, must be a directory
Invalid argument, array of filenames to extract contains non-string value
diff --git a/ext/phar/tests/phar_isvalidpharfilename.phpt b/ext/phar/tests/phar_isvalidpharfilename.phpt
index dee9b7dc03..da07bec287 100644
--- a/ext/phar/tests/phar_isvalidpharfilename.phpt
+++ b/ext/phar/tests/phar_isvalidpharfilename.phpt
@@ -76,7 +76,7 @@ var_dump(Phar::isValidPharFilename('dir.phar.php', false));
<?php
rmdir(dirname(__FILE__) . '/.phar');
--EXPECTF--
-Warning: Phar::isValidPharFilename() expects parameter 1 to be %string, array given in %sphar_isvalidpharfilename.php on line %d
+Warning: Phar::isValidPharFilename() expects parameter 1 to be a valid path, array given in %sphar_isvalidpharfilename.php on line %d
*
bool(false)
bool(false)
diff --git a/ext/phar/tests/phar_unlinkarchive.phpt b/ext/phar/tests/phar_unlinkarchive.phpt
index 4800c5272d..2f441bace5 100644
--- a/ext/phar/tests/phar_unlinkarchive.phpt
+++ b/ext/phar/tests/phar_unlinkarchive.phpt
@@ -90,7 +90,7 @@ Unknown phar archive ""
Unknown phar archive "%sphar_unlinkarchive.phar"
Unknown phar archive "%sphar_unlinkarchive.phar.tar": internal corruption of phar "%sphar_unlinkarchive.phar.tar" (truncated entry)
-Warning: Phar::unlinkArchive() expects parameter 1 to be %string, array given in %sphar_unlinkarchive.php on line %d
+Warning: Phar::unlinkArchive() expects parameter 1 to be a valid path, array given in %sphar_unlinkarchive.php on line %d
bool(false)
string(48) "<?php echo "first stub\n"; __HALT_COMPILER(); ?>"
phar archive "%sphar_unlinkarchive.phar" has open file handles or objects. fclose() all file handles, and unset() all objects prior to calling unlinkArchive()
diff --git a/ext/phar/tests/pharfileinfo_construct.phpt b/ext/phar/tests/pharfileinfo_construct.phpt
index 1f4f6177b0..53ee5143cf 100644
--- a/ext/phar/tests/pharfileinfo_construct.phpt
+++ b/ext/phar/tests/pharfileinfo_construct.phpt
@@ -50,7 +50,7 @@ echo $e->getMessage() . "\n";
<?php unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar'); ?>
--EXPECTF--
Cannot open phar file 'phar://%spharfileinfo_construct.phar/oops': internal corruption of phar "%spharfileinfo_construct.phar" (truncated entry)
-PharFileInfo::__construct() expects parameter 1 to be string, array given
+PharFileInfo::__construct() expects parameter 1 to be a valid path, array given
Cannot access phar file entry '%s' in archive '%s'
Cannot call constructor twice
'%s' is not a valid phar archive URL (must have at least phar://filename.phar)
diff --git a/ext/phar/tests/tar/bug71317-duplicate-filename.phpt b/ext/phar/tests/tar/bug71317-duplicate-filename.phpt
new file mode 100644
index 0000000000..bcbccab1c8
--- /dev/null
+++ b/ext/phar/tests/tar/bug71317-duplicate-filename.phpt
@@ -0,0 +1,50 @@
+--TEST--
+Bug #71317: regression in opening tar based phar files
+--SKIPIF--
+<?php if (!extension_loaded('phar')) die('skip'); ?>
+<?php if (!extension_loaded("spl")) die("skip SPL not available"); ?>
+<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
+--FILE--
+<?php
+include dirname(__FILE__) . '/files/tarmaker.php.inc';
+
+$testDirectory = __DIR__ . '/files/test_bug71317';
+$testTarFilename = __DIR__ . '/files/test_bug71317.tar';
+
+$tar = new tarmaker($testTarFilename, 'none');
+$tar->init();
+$tar->addFile('file1.txt', 'file1');
+$tar->addFile('file2.txt', 'file2');
+$tar->addFile('file3.txt', 'file3');
+$tar->addFile('file4.txt', 'file4');
+$tar->addFile('file5.txt', 'file5');
+$tar->addFile('file2.txt', 'file2a');
+$tar->close();
+
+$fname = str_replace('\\', '/', $testTarFilename);
+try {
+ mkdir($testDirectory);
+ $tar = new PharData($fname);
+ $tar->extractTo($testDirectory);
+
+ $fileContent = file_get_contents($testDirectory . '/file2.txt');
+ $expectedContent = 'file2a';
+ if ($fileContent !== $expectedContent) {
+ throw new Exception(sprintf('Contents of file2.txt ("%s") is invalid, expected "%s"', $fileContent, $expectedContent));
+ }
+} catch(Exception $e) {
+ echo $e->getMessage() . "\n";
+}
+?>
+===DONE===
+--CLEAN--
+<?php
+$testDirectory = __DIR__ . '/files/test_bug71317';
+$testTarFilename = __DIR__ . '/files/test_bug71317.tar';
+
+unlink($testTarFilename);
+array_map('unlink', glob($testDirectory . "/*.txt"));
+rmdir($testDirectory);
+?>
+--EXPECT--
+===DONE===
diff --git a/ext/phar/tests/tar/bug71504.phpt b/ext/phar/tests/tar/bug71504.phpt
new file mode 100644
index 0000000000..e85078810e
--- /dev/null
+++ b/ext/phar/tests/tar/bug71504.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Bug #71504: Parsing of tar file with duplicate filenames causes memory leak
+--SKIPIF--
+<?php if (!extension_loaded('phar')) die('skip'); ?>
+<?php if (!extension_loaded("spl")) die("skip SPL not available"); ?>
+<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
+--FILE--
+<?php
+$fname = str_replace('\\', '/', dirname(__FILE__) . '/files/HTML_CSS-1.5.4.tgz');
+try {
+ $tar = new PharData($fname);
+} catch(Exception $e) {
+ echo $e->getMessage() . "\n";
+}
+?>
+===DONE===
+--EXPECT--
+===DONE===
diff --git a/ext/phar/tests/tar/files/HTML_CSS-1.5.4.tgz b/ext/phar/tests/tar/files/HTML_CSS-1.5.4.tgz
new file mode 100644
index 0000000000..d0b2313e7a
--- /dev/null
+++ b/ext/phar/tests/tar/files/HTML_CSS-1.5.4.tgz
Binary files differ
diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index 4994dd0e04..30c52c0479 100644
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -199,7 +199,7 @@ int phar_parse_zipfile(php_stream *fp, char *fname, int fname_len, char *alias,
}
while ((p=(char *) memchr(p + 1, 'P', (size_t) (size - (p + 1 - buf)))) != NULL) {
- if (!memcmp(p + 1, "K\5\6", 3)) {
+ if ((p - buf) + sizeof(locator) <= size && !memcmp(p + 1, "K\5\6", 3)) {
memcpy((void *)&locator, (void *) p, sizeof(locator));
if (PHAR_GET_16(locator.centraldisk) != 0 || PHAR_GET_16(locator.disknumber) != 0) {
/* split archives not handled */
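Review bot: The new bound `(p - buf) + sizeof(locator) <= size` mixes a pointer difference, a `size_t` and `size`, whose declaration is outside this hunk; if `size` is a signed type the comparison silently converts it to unsigned. Writing it as `(size_t)(p - buf) + sizeof(locator) <= (size_t)size` states the intended arithmetic and avoids a sign-compare warning. Because `p` only moves forward, once this bound fails it fails for every later match too, so the loop could stop there instead of scanning the rest of the buffer. A short comment that the check covers both the 3-byte `memcmp` and the `memcpy` of the whole locator would help the next reader.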