archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix #81420: ZipArchive::extractTo extracts outside of destination

Browse source 
We need to properly detect and handle absolute paths in a portable way.
This commit is contained in:
Christoph M. Becker 2021-09-06 17:42:46 +02:00 committed by Stanislav Malyshev
parent 521bd7ce15
commit df2ceac25a
No known key found for this signature in database
GPG key ID: 94B3CB48C3ECA219
3 changed files with 26 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ext/zip/php_zip.c
View file

@ -106,8 +106,8 @@ static char * php_zip_make_relative_path(char *path, size_t path_len) /* {{{ */
return NULL; return NULL;
} }
if (IS_SLASH(path[0])) { if (IS_ABSOLUTE_PATH(path, path_len)) {
return path + 1; return path + COPY_WHEN_ABSOLUTE(path) + 1;
} }
i = path_len; i = path_len;

24
ext/zip/tests/bug81420.phpt Normal file
View file

@ -0,0 +1,24 @@
--TEST--
Bug #81420 (ZipArchive::extractTo extracts outside of destination)
--SKIPIF--
<?php
if (!extension_loaded("zip")) die("skip zip extension not available");
?>
--FILE--
<?php
$zip = new ZipArchive();
$zip->open(__DIR__ . "/bug81420.zip");
$destination = __DIR__ . "/bug81420";
mkdir($destination);
$zip->extractTo($destination);
var_dump(file_exists("$destination/nt1/zzr_noharm.php"));
?>
--CLEAN--
<?php
$destination = __DIR__ . "/bug81420";
@unlink("$destination/nt1/zzr_noharm.php");
@rmdir("$destination/nt1");
@rmdir($destination);
?>
--EXPECT--
bool(true)

BIN
ext/zip/tests/bug81420.zip Normal file
View file

Binary file not shown.