archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

add checking for invalid alias on opening tar, and test

Browse source
This commit is contained in:
Greg Beaver 2008-04-26 22:31:44 +00:00
parent ad6e7fc667
commit 11c93b8494
7 changed files with 56 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

31
ext/phar/tar.c
View file

@ -284,8 +284,39 @@ int phar_open_tarfile(php_stream* fp, char *fname, int fname_len, char *alias, i
if (!actual_alias && entry.filename_len == sizeof(".phar/alias.txt")-1 && !strncmp(entry.filename, ".phar/alias.txt", sizeof(".phar/alias.txt")-1)) {
size_t read;
/* found explicit alias */
if (size > 511) {
if (error) {
spprintf(error, 4096, "phar error: tar-based phar \"%s\" has alias that is larger than 511 bytes, cannot process", fname);
}
php_stream_close(fp);
zend_hash_destroy(&myphar->manifest);
myphar->manifest.arBuckets = 0;
zend_hash_destroy(&myphar->mounted_dirs);
myphar->mounted_dirs.arBuckets = 0;
efree(myphar);
return FAILURE;
}
read = php_stream_read(fp, buf, size);
if (read == size) {
buf[size] = '\0';
if (!phar_validate_alias(buf, size)) {
if (size > 50) {
buf[50] = '.';
buf[51] = '.';
buf[52] = '.';
buf[53] = '\0';
}
if (error) {
spprintf(error, 4096, "phar error: invalid alias \"%s\" in tar-based phar \"%s\"", buf, fname);
}
php_stream_close(fp);
zend_hash_destroy(&myphar->manifest);
myphar->manifest.arBuckets = 0;
zend_hash_destroy(&myphar->mounted_dirs);
myphar->mounted_dirs.arBuckets = 0;
efree(myphar);
return FAILURE;
}
actual_alias = estrndup(buf, size);
myphar->alias = actual_alias;
myphar->alias_len = size;

25
ext/phar/tests/tar/badalias.phpt Normal file
View file

@ -0,0 +1,25 @@
--TEST--
Phar: invalid aliases
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip no zlib"); ?>
<?php if (!extension_loaded("bz2")) die("skip no bz2"); ?>
--FILE--
<?php
$e = dirname(__FILE__) . '/files/';
for ($i = 1; $i <= 5; $i++) {
try {
new Phar($e . "badalias$i.phar.tar");
} catch (Exception $ee) {
echo $ee->getMessage(), "\n";
}
}
?>
===DONE===
--EXPECTF--
phar error: invalid alias "hi/thereaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa..." in tar-based phar "%sbadalias1.phar.tar"
phar error: invalid alias "hi\there" in tar-based phar "%sbadalias2.phar.tar"
phar error: invalid alias "hi;there" in tar-based phar "%sbadalias3.phar.tar"
phar error: invalid alias "hi:there" in tar-based phar "%sbadalias4.phar.tar"
phar error: tar-based phar "%sbadalias5.phar.tar" has alias that is larger than 511 bytes, cannot process
===DONE===

BIN
ext/phar/tests/tar/files/badalias1.phar.tar Normal file
View file

Binary file not shown.

BIN
ext/phar/tests/tar/files/badalias2.phar.tar Normal file
View file

Binary file not shown.

BIN
ext/phar/tests/tar/files/badalias3.phar.tar Normal file
View file

Binary file not shown.

BIN
ext/phar/tests/tar/files/badalias4.phar.tar Normal file
View file

Binary file not shown.

BIN
ext/phar/tests/tar/files/badalias5.phar.tar Normal file
View file

Binary file not shown.