Patch for 73035

73035.diff

commit 75ebf471ff46ec6e5ee279b3650c11d51ebaf9e3
Author: Stanislav Malyshev <stas@php.net>
Date:   Sun Sep 11 21:37:44 2016 -0700

    Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)

diff --git a/ext/phar/tar.c b/ext/phar/tar.c
index 62edcb5..898ff85 100644
--- a/ext/phar/tar.c
+++ b/ext/phar/tar.c
@@ -286,7 +286,7 @@ bail:
 			}
 			curloc = php_stream_tell(fp);
 			read = php_stream_read(fp, buf, size);
-			if (read != size) {
+			if (read != size || read <= 8) {
 				if (error) {
 					spprintf(error, 4096, "phar error: tar-based phar \"%s\" signature cannot be read", fname);
 				}
diff --git a/ext/phar/tests/bug73035.phpt b/ext/phar/tests/bug73035.phpt
new file mode 100644
index 0000000..5928428
--- /dev/null
+++ b/ext/phar/tests/bug73035.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Phar: #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile)
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--FILE--
+<?php
+chdir(__DIR__);
+try {
+$phar = new PharData('bug73035.tar');
+var_dump($phar);
+} catch(UnexpectedValueException $e) {
+	print $e->getMessage()."\n";
+}
+?>
+DONE
+--EXPECTF--
+phar error: tar-based phar "%sbug73035.tar" signature cannot be read
+DONE
\ No newline at end of file
diff --git a/ext/phar/tests/bug73035.tar b/ext/phar/tests/bug73035.tar
new file mode 100644
index 0000000..d8e4268
Binary files /dev/null and b/ext/phar/tests/bug73035.tar differ