Skip to content

Instantly share code, notes, and snippets.

@smalyshev smalyshev/71860.diff Secret
Created Mar 21, 2016

Embed
What would you like to do?
commit 1e9b175204e3286d64dfd6c9f09151c31b5e099a
Author: Stanislav Malyshev <stas@php.net>
Date: Sun Mar 20 20:54:09 2016 -0700
Fix bug #71860: Require valid paths for phar filenames
diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index 18feace..08f480d 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -2196,6 +2196,10 @@ int phar_split_fname(const char *filename, int filename_len, char **arch, int *a
#endif
int ext_len;
+ if (CHECK_NULL_PATH(filename, filename_len)) {
+ return FAILURE;
+ }
+
if (!strncasecmp(filename, "phar://", 7)) {
filename += 7;
filename_len -= 7;
diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 22404dd..7c9c335 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -459,7 +459,7 @@ PHP_METHOD(Phar, mount)
size_t path_len, actual_len;
phar_archive_data *pphar;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &path, &path_len, &actual, &actual_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "pp", &path, &path_len, &actual, &actual_len) == FAILURE) {
return;
}
@@ -938,7 +938,7 @@ PHP_METHOD(Phar, createDefaultStub)
zend_string *stub;
size_t index_len = 0, webindex_len = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "|ss", &index, &index_len, &webindex, &webindex_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "|pp", &index, &index_len, &webindex, &webindex_len) == FAILURE) {
return;
}
@@ -982,7 +982,7 @@ PHP_METHOD(Phar, loadPhar)
char *fname, *alias = NULL, *error;
size_t fname_len, alias_len = 0;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s!", &fname, &fname_len, &alias, &alias_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s!", &fname, &fname_len, &alias, &alias_len) == FAILURE) {
return;
}
@@ -1062,7 +1062,7 @@ PHP_METHOD(Phar, isValidPharFilename)
int ext_len, is_executable;
zend_bool executable = 1;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|b", &fname, &fname_len, &executable) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|b", &fname, &fname_len, &executable) == FAILURE) {
return;
}
@@ -1134,11 +1134,11 @@ PHP_METHOD(Phar, __construct)
is_data = instanceof_function(Z_OBJCE_P(zobj), phar_ce_data);
if (is_data) {
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s|ls!l", &fname, &fname_len, &flags, &alias, &alias_len, &format) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p|ls!l", &fname, &fname_len, &flags, &alias, &alias_len, &format) == FAILURE) {
return;
}
} else {
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s|ls!", &fname, &fname_len, &flags, &alias, &alias_len) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p|ls!", &fname, &fname_len, &flags, &alias, &alias_len) == FAILURE) {
return;
}
}
@@ -1307,7 +1307,7 @@ PHP_METHOD(Phar, unlinkArchive)
int zname_len, arch_len, entry_len;
phar_archive_data *phar;
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
RETURN_FALSE;
}
@@ -1739,7 +1739,7 @@ PHP_METHOD(Phar, buildFromDirectory)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &dir, &dir_len, &regex, &regex_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s", &dir, &dir_len, &regex, &regex_len) == FAILURE) {
RETURN_FALSE;
}
@@ -2586,7 +2586,7 @@ PHP_METHOD(Phar, delete)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
RETURN_FALSE;
}
@@ -3400,7 +3400,7 @@ PHP_METHOD(Phar, copy)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &oldfile, &oldfile_len, &newfile, &newfile_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "pp", &oldfile, &oldfile_len, &newfile, &newfile_len) == FAILURE) {
return;
}
@@ -3500,7 +3500,7 @@ PHP_METHOD(Phar, offsetExists)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3538,7 +3538,7 @@ PHP_METHOD(Phar, offsetGet)
zend_string *sfname;
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3685,8 +3685,8 @@ PHP_METHOD(Phar, offsetSet)
return;
}
- if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS(), "sr", &fname, &fname_len, &zresource) == FAILURE
- && zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &fname, &fname_len, &cont_str, &cont_len) == FAILURE) {
+ if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS(), "pr", &fname, &fname_len, &zresource) == FAILURE
+ && zend_parse_parameters(ZEND_NUM_ARGS(), "ps", &fname, &fname_len, &cont_str, &cont_len) == FAILURE) {
return;
}
@@ -3724,7 +3724,7 @@ PHP_METHOD(Phar, offsetUnset)
return;
}
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
@@ -3771,7 +3771,7 @@ PHP_METHOD(Phar, addEmptyDir)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &dirname, &dirname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p", &dirname, &dirname_len) == FAILURE) {
return;
}
@@ -3796,7 +3796,7 @@ PHP_METHOD(Phar, addFile)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &fname, &fname_len, &localname, &localname_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|s", &fname, &fname_len, &localname, &localname_len) == FAILURE) {
return;
}
@@ -3838,7 +3838,7 @@ PHP_METHOD(Phar, addFromString)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", &localname, &localname_len, &cont_str, &cont_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "ps", &localname, &localname_len, &cont_str, &cont_len) == FAILURE) {
return;
}
@@ -4264,7 +4264,7 @@ PHP_METHOD(Phar, extractTo)
PHAR_ARCHIVE_OBJECT();
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|z!b", &pathto, &pathto_len, &zval_files, &overwrite) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "p|z!b", &pathto, &pathto_len, &zval_files, &overwrite) == FAILURE) {
return;
}
@@ -4396,7 +4396,7 @@ PHP_METHOD(PharFileInfo, __construct)
phar_archive_data *phar_data;
zval *zobj = getThis(), arg1;
- if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "s", &fname, &fname_len) == FAILURE) {
+ if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "p", &fname, &fname_len) == FAILURE) {
return;
}
diff --git a/ext/phar/tests/badparameters.phpt b/ext/phar/tests/badparameters.phpt
index a1a9fb7..4d0887f 100644
--- a/ext/phar/tests/badparameters.phpt
+++ b/ext/phar/tests/badparameters.phpt
@@ -147,19 +147,19 @@ echo $e->getMessage() . "\n";
--EXPECTF--
Warning: Phar::mungServer() expects parameter 1 to be array, %string given in %sbadparameters.php on line %d
-Warning: Phar::createDefaultStub() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::createDefaultStub() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::loadPhar() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::loadPhar() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::canCompress() expects parameter 1 to be integer, %string given in %sbadparameters.php on line %d
-Exception: Phar::__construct() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Exception: Phar::__construct() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::convertToExecutable() expects parameter 1 to be integer, array given in %sbadparameters.php on line %d
Warning: Phar::convertToData() expects parameter 1 to be integer, array given in %sbadparameters.php on line %d
-Warning: PharData::delete() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: PharData::delete() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Cannot write out phar archive, phar is read-only
Entry oops does not exist and cannot be deleted
%sfiles/frontcontroller10.phar
@@ -186,18 +186,18 @@ Phar is readonly, cannot change compression
Warning: Phar::copy() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
Cannot copy "a" to "b", phar is read-only
-Warning: Phar::offsetExists() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::offsetExists() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::offsetGet() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::offsetGet() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::offsetSet() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
-Warning: PharData::offsetUnset() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: PharData::offsetUnset() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Write operations disabled by the php.ini setting phar.readonly
-Warning: Phar::addEmptyDir() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::addEmptyDir() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
-Warning: Phar::addFile() expects parameter 1 to be %string, array given in %sbadparameters.php on line %d
+Warning: Phar::addFile() expects parameter 1 to be a valid path, array given in %sbadparameters.php on line %d
Warning: Phar::addFromString() expects exactly 2 parameters, 1 given in %sbadparameters.php on line %d
Write operations disabled by the php.ini setting phar.readonly
diff --git a/ext/phar/tests/bug64931/bug64931.phpt b/ext/phar/tests/bug64931/bug64931.phpt
index 9c1f9dc..29e0c7b 100644
--- a/ext/phar/tests/bug64931/bug64931.phpt
+++ b/ext/phar/tests/bug64931/bug64931.phpt
@@ -48,11 +48,12 @@ try {
<?php
@unlink(__DIR__."/bug64931.phar");
?>
---EXPECT--
+--EXPECTF--
Test
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
CAUGHT: Cannot create any files in magic ".phar" directory
-CAUGHT: Cannot create any files in magic ".phar" directory
+
+Warning: Phar::addFromString() expects parameter 1 to be a valid path, string given in %s/bug64931.php on line %d
===DONE===
\ No newline at end of file
diff --git a/ext/phar/tests/create_path_error.phpt b/ext/phar/tests/create_path_error.phpt
index fe2cd3e..3449b07 100644
--- a/ext/phar/tests/create_path_error.phpt
+++ b/ext/phar/tests/create_path_error.phpt
@@ -80,6 +80,5 @@ string(5) "query"
11:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
12:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
13:Error: file_put_contents(phar://%s): failed to open stream: phar error: invalid path "%s" contains illegal character
-Exception: Entry a does not exist and cannot be created: phar error: invalid path "a" contains illegal character
-===DONE===
+Error: Phar::offsetSet() expects parameter 1 to be a valid path, string given===DONE===
diff --git a/ext/phar/tests/phar_extract.phpt b/ext/phar/tests/phar_extract.phpt
index bc54523..f7d1403 100644
--- a/ext/phar/tests/phar_extract.phpt
+++ b/ext/phar/tests/phar_extract.phpt
@@ -138,7 +138,7 @@ string(3) "hi2"
bool(false)
Invalid argument, expected a filename (string) or array of filenames
-Warning: Phar::extractTo() expects parameter 1 to be %string, array given in %sphar_extract.php on line %d
+Warning: Phar::extractTo() expects parameter 1 to be a valid path, array given in %sphar_extract.php on line %d
Invalid argument, extraction path must be non-zero length
Unable to use path "%soops" for extraction, it is a file, must be a directory
Invalid argument, array of filenames to extract contains non-string value
diff --git a/ext/phar/tests/phar_isvalidpharfilename.phpt b/ext/phar/tests/phar_isvalidpharfilename.phpt
index dee9b7d..da07bec 100644
--- a/ext/phar/tests/phar_isvalidpharfilename.phpt
+++ b/ext/phar/tests/phar_isvalidpharfilename.phpt
@@ -76,7 +76,7 @@ var_dump(Phar::isValidPharFilename('dir.phar.php', false));
<?php
rmdir(dirname(__FILE__) . '/.phar');
--EXPECTF--
-Warning: Phar::isValidPharFilename() expects parameter 1 to be %string, array given in %sphar_isvalidpharfilename.php on line %d
+Warning: Phar::isValidPharFilename() expects parameter 1 to be a valid path, array given in %sphar_isvalidpharfilename.php on line %d
*
bool(false)
bool(false)
diff --git a/ext/phar/tests/phar_unlinkarchive.phpt b/ext/phar/tests/phar_unlinkarchive.phpt
index 4800c52..2f441ba 100644
--- a/ext/phar/tests/phar_unlinkarchive.phpt
+++ b/ext/phar/tests/phar_unlinkarchive.phpt
@@ -90,7 +90,7 @@ Unknown phar archive ""
Unknown phar archive "%sphar_unlinkarchive.phar"
Unknown phar archive "%sphar_unlinkarchive.phar.tar": internal corruption of phar "%sphar_unlinkarchive.phar.tar" (truncated entry)
-Warning: Phar::unlinkArchive() expects parameter 1 to be %string, array given in %sphar_unlinkarchive.php on line %d
+Warning: Phar::unlinkArchive() expects parameter 1 to be a valid path, array given in %sphar_unlinkarchive.php on line %d
bool(false)
string(48) "<?php echo "first stub\n"; __HALT_COMPILER(); ?>"
phar archive "%sphar_unlinkarchive.phar" has open file handles or objects. fclose() all file handles, and unset() all objects prior to calling unlinkArchive()
diff --git a/ext/phar/tests/pharfileinfo_construct.phpt b/ext/phar/tests/pharfileinfo_construct.phpt
index 1f4f617..53ee514 100644
--- a/ext/phar/tests/pharfileinfo_construct.phpt
+++ b/ext/phar/tests/pharfileinfo_construct.phpt
@@ -50,7 +50,7 @@ echo $e->getMessage() . "\n";
<?php unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar'); ?>
--EXPECTF--
Cannot open phar file 'phar://%spharfileinfo_construct.phar/oops': internal corruption of phar "%spharfileinfo_construct.phar" (truncated entry)
-PharFileInfo::__construct() expects parameter 1 to be string, array given
+PharFileInfo::__construct() expects parameter 1 to be a valid path, array given
Cannot access phar file entry '%s' in archive '%s'
Cannot call constructor twice
'%s' is not a valid phar archive URL (must have at least phar://filename.phar)
@vah13

This comment has been minimized.

Copy link

commented Mar 21, 2016

ok, fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.