diff options
| author | Christoph M. Becker <cmbecker69@gmx.de> | 2016-09-06 00:28:28 +0200 |
|---|---|---|
| committer | Christoph M. Becker <cmbecker69@gmx.de> | 2016-09-06 01:03:46 +0200 |
| commit | 8aad3131a1d00e191db1b3b27aed6e7fae269f13 (patch) | |
| tree | ef5770487a027f145e140fb9e887b7a918f27f04 | |
| parent | dd6da58fac6532d72c9e699a45db2b52d68d4c50 (diff) | |
| download | php-git-8aad3131a1d00e191db1b3b27aed6e7fae269f13.tar.gz | |
Fix #70752: Depacking with wrong password leaves 0 length files
We should not open the output stream before we have tried to open the
archive entry, as failing the latter could leave an empty file behind.
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/zip/php_zip.c | 14 | ||||
| -rw-r--r-- | ext/zip/tests/bug70752.phpt | 31 | ||||
| -rw-r--r-- | ext/zip/tests/bug70752.zip | bin | 0 -> 175 bytes |
4 files changed, 42 insertions, 7 deletions
@@ -17,6 +17,10 @@ PHP NEWS . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work). (Keyur) (julien backport) +- Zip: + . Fixed bug #70752 (Depacking with wrong password leaves 0 length files). + (cmb) + 15 Sep 2016, PHP 5.6.26 - Core: diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index 47477ac256..eeca8ab44d 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -279,6 +279,12 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil return 0; } + zf = zip_fopen(za, file, 0); + if (zf == NULL) { + n = -1; + goto done; + } + #if PHP_API_VERSION < 20100412 stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL); #else @@ -287,13 +293,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil if (stream == NULL) { n = -1; - goto done; - } - - zf = zip_fopen(za, file, 0); - if (zf == NULL) { - n = -1; - php_stream_close(stream); + zip_fclose(zf); goto done; } diff --git a/ext/zip/tests/bug70752.phpt b/ext/zip/tests/bug70752.phpt new file mode 100644 index 0000000000..f006fbee9a --- /dev/null +++ b/ext/zip/tests/bug70752.phpt @@ -0,0 +1,31 @@ +--TEST-- +Bug #70752 (Depacking with wrong password leaves 0 length files) +--SKIPIF-- +<?php +if (!extension_loaded('zip')) die('skip zip extension not available'); +?> +--FILE-- +<?php +$filename = __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.zip'; +$zip = new ZipArchive(); +$zip->open($filename); + +$filename = __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.txt'; +var_dump(file_exists($filename)); + +$zip->setPassword('bar'); // correct password would be 'foo' +$zip->extractTo(__DIR__); +$zip->close(); + +var_dump(file_exists($filename)); +?> +===DONE=== +--EXPECT-- +bool(false) +bool(false) +===DONE=== +--CLEAN-- +<?php +$filename = __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.txt'; +unlink($filename); +?> diff --git a/ext/zip/tests/bug70752.zip b/ext/zip/tests/bug70752.zip Binary files differnew file mode 100644 index 0000000000..9bec61bc18 --- /dev/null +++ b/ext/zip/tests/bug70752.zip |