summaryrefslogtreecommitdiff
path: root/ext/phar
diff options
context:
space:
mode:
authorStanislav Malyshev <stas@php.net>2014-04-22 16:57:47 -0700
committerStanislav Malyshev <stas@php.net>2014-04-22 16:57:47 -0700
commitab8065e4ecdbaa59aaf5a37e62be50815af19e53 (patch)
treefcf0f157fed29022a30f68d7000173295277e65a /ext/phar
parent742f4704a97844654bde3f9f054e6678ef897a1a (diff)
parentaca526a13b8fa9b3444906a18c3e20a7d2672d94 (diff)
downloadphp-git-ab8065e4ecdbaa59aaf5a37e62be50815af19e53.tar.gz
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5: Fix accepting ill-formed UTF-8 characters
Diffstat (limited to 'ext/phar')
-rw-r--r--ext/phar/phar_path_check.c277
-rw-r--r--ext/phar/phar_path_check.re32
-rw-r--r--ext/phar/tests/create_path_error.phpt4
3 files changed, 187 insertions, 126 deletions
diff --git a/ext/phar/phar_path_check.c b/ext/phar/phar_path_check.c
index 11d126e535..ebf4aac58b 100644
--- a/ext/phar/phar_path_check.c
+++ b/ext/phar/phar_path_check.c
@@ -50,65 +50,87 @@ loop:
if ((YYLIMIT - YYCURSOR) < 4) YYFILL(4);
yych = *YYCURSOR;
- if (yych <= '>') {
- if (yych <= 0x19) {
- if (yych <= 0x00) goto yy16;
- if (yych == '\n') goto yy15;
- goto yy14;
+ if (yych <= '[') {
+ if (yych <= ')') {
+ if (yych <= '\t') {
+ if (yych <= 0x00) goto yy21;
+ goto yy23;
+ } else {
+ if (yych <= '\n') goto yy2;
+ if (yych <= 0x19) goto yy23;
+ goto yy11;
+ }
} else {
- if (yych <= '*') {
- if (yych <= ')') goto yy18;
- goto yy6;
+ if (yych <= '/') {
+ if (yych <= '*') goto yy7;
+ if (yych <= '.') goto yy11;
+ goto yy3;
} else {
- if (yych != '/') goto yy18;
+ if (yych == '?') goto yy9;
+ goto yy11;
}
}
} else {
- if (yych <= 0x7F) {
- if (yych <= '?') goto yy8;
- if (yych == '\\') goto yy4;
- goto yy18;
+ if (yych <= 0xEC) {
+ if (yych <= 0xC1) {
+ if (yych <= '\\') goto yy5;
+ if (yych <= 0x7F) goto yy11;
+ goto yy23;
+ } else {
+ if (yych <= 0xDF) goto yy12;
+ if (yych <= 0xE0) goto yy14;
+ goto yy15;
+ }
} else {
- if (yych <= 0xDF) {
- if (yych <= 0xBF) goto yy14;
- goto yy10;
+ if (yych <= 0xF0) {
+ if (yych <= 0xED) goto yy16;
+ if (yych <= 0xEF) goto yy17;
+ goto yy18;
} else {
- if (yych <= 0xEF) goto yy12;
- if (yych <= 0xF7) goto yy13;
- goto yy14;
+ if (yych <= 0xF3) goto yy19;
+ if (yych <= 0xF4) goto yy20;
+ goto yy23;
}
}
}
+yy2:
+ YYCURSOR = YYMARKER;
+ if (yyaccept <= 0) {
+ goto yy4;
+ } else {
+ goto yy13;
+ }
+yy3:
yyaccept = 0;
yych = *(YYMARKER = ++YYCURSOR);
- if (yych <= '-') goto yy3;
- if (yych <= '.') goto yy29;
- if (yych <= '/') goto yy30;
-yy3:
-#line 105 "ext/phar/phar_path_check.re"
+ if (yych <= '-') goto yy4;
+ if (yych <= '.') goto yy35;
+ if (yych <= '/') goto yy36;
+yy4:
+#line 88 "ext/phar/phar_path_check.re"
{
goto loop;
}
-#line 93 "ext/phar/phar_path_check.c"
-yy4:
+#line 115 "ext/phar/phar_path_check.c"
+yy5:
++YYCURSOR;
-#line 63 "ext/phar/phar_path_check.re"
+#line 72 "ext/phar/phar_path_check.re"
{
*error = "back-slash";
return pcr_err_back_slash;
}
-#line 101 "ext/phar/phar_path_check.c"
-yy6:
+#line 123 "ext/phar/phar_path_check.c"
+yy7:
++YYCURSOR;
-#line 67 "ext/phar/phar_path_check.re"
+#line 76 "ext/phar/phar_path_check.re"
{
*error = "star";
return pcr_err_star;
}
-#line 109 "ext/phar/phar_path_check.c"
-yy8:
+#line 131 "ext/phar/phar_path_check.c"
+yy9:
++YYCURSOR;
-#line 71 "ext/phar/phar_path_check.re"
+#line 80 "ext/phar/phar_path_check.re"
{
if (**s == '/') {
(*s)++;
@@ -117,39 +139,66 @@ yy8:
*error = NULL;
return pcr_use_query;
}
-#line 121 "ext/phar/phar_path_check.c"
-yy10:
- ++YYCURSOR;
- if ((yych = *YYCURSOR) <= 0x7F) goto yy11;
- if (yych <= 0xBF) goto yy27;
+#line 143 "ext/phar/phar_path_check.c"
yy11:
-#line 88 "ext/phar/phar_path_check.re"
+ yych = *++YYCURSOR;
+ goto yy4;
+yy12:
+ ++YYCURSOR;
+ if ((yych = *YYCURSOR) <= 0x7F) goto yy13;
+ if (yych <= 0xBF) goto yy26;
+yy13:
+#line 104 "ext/phar/phar_path_check.re"
{
*error ="illegal character";
return pcr_err_illegal_char;
}
-#line 132 "ext/phar/phar_path_check.c"
-yy12:
+#line 157 "ext/phar/phar_path_check.c"
+yy14:
yyaccept = 1;
yych = *(YYMARKER = ++YYCURSOR);
- if (yych <= 0x7F) goto yy11;
- if (yych <= 0xBF) goto yy24;
- goto yy11;
-yy13:
+ if (yych <= 0x9F) goto yy13;
+ if (yych <= 0xBF) goto yy34;
+ goto yy13;
+yy15:
yyaccept = 1;
yych = *(YYMARKER = ++YYCURSOR);
- if (yych <= 0x7F) goto yy11;
- if (yych <= 0xBF) goto yy19;
- goto yy11;
-yy14:
- yych = *++YYCURSOR;
- goto yy11;
-yy15:
- yych = *++YYCURSOR;
- goto yy11;
+ if (yych <= 0x7F) goto yy13;
+ if (yych <= 0xBF) goto yy33;
+ goto yy13;
yy16:
+ yyaccept = 1;
+ yych = *(YYMARKER = ++YYCURSOR);
+ if (yych <= 0x7F) goto yy13;
+ if (yych <= 0x9F) goto yy32;
+ goto yy13;
+yy17:
+ yyaccept = 1;
+ yych = *(YYMARKER = ++YYCURSOR);
+ if (yych <= 0x7F) goto yy13;
+ if (yych <= 0xBF) goto yy31;
+ goto yy13;
+yy18:
+ yyaccept = 1;
+ yych = *(YYMARKER = ++YYCURSOR);
+ if (yych <= 0x8F) goto yy13;
+ if (yych <= 0xBF) goto yy29;
+ goto yy13;
+yy19:
+ yyaccept = 1;
+ yych = *(YYMARKER = ++YYCURSOR);
+ if (yych <= 0x7F) goto yy13;
+ if (yych <= 0xBF) goto yy27;
+ goto yy13;
+yy20:
+ yyaccept = 1;
+ yych = *(YYMARKER = ++YYCURSOR);
+ if (yych <= 0x7F) goto yy13;
+ if (yych <= 0x8F) goto yy24;
+ goto yy13;
+yy21:
++YYCURSOR;
-#line 92 "ext/phar/phar_path_check.re"
+#line 91 "ext/phar/phar_path_check.re"
{
if (**s == '/') {
(*s)++;
@@ -163,84 +212,92 @@ yy16:
*error = NULL;
return pcr_is_ok;
}
-#line 167 "ext/phar/phar_path_check.c"
-yy18:
+#line 216 "ext/phar/phar_path_check.c"
+yy23:
yych = *++YYCURSOR;
- goto yy3;
-yy19:
+ goto yy13;
+yy24:
yych = *++YYCURSOR;
- if (yych <= 0x7F) goto yy20;
- if (yych <= 0xBF) goto yy21;
-yy20:
- YYCURSOR = YYMARKER;
- if (yyaccept <= 0) {
- goto yy3;
- } else {
- goto yy11;
- }
-yy21:
+ if (yych <= 0x7F) goto yy2;
+ if (yych >= 0xC0) goto yy2;
yych = *++YYCURSOR;
- if (yych <= 0x7F) goto yy20;
- if (yych >= 0xC0) goto yy20;
- ++YYCURSOR;
-#line 85 "ext/phar/phar_path_check.re"
- {
- goto loop;
- }
-#line 191 "ext/phar/phar_path_check.c"
-yy24:
+ if (yych <= 0x7F) goto yy2;
+ if (yych >= 0xC0) goto yy2;
+yy26:
yych = *++YYCURSOR;
- if (yych <= 0x7F) goto yy20;
- if (yych >= 0xC0) goto yy20;
- ++YYCURSOR;
-#line 82 "ext/phar/phar_path_check.re"
- {
- goto loop;
- }
-#line 201 "ext/phar/phar_path_check.c"
+ goto yy4;
yy27:
- ++YYCURSOR;
-#line 79 "ext/phar/phar_path_check.re"
- {
- goto loop;
- }
-#line 208 "ext/phar/phar_path_check.c"
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych >= 0xC0) goto yy2;
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
yy29:
yych = *++YYCURSOR;
- if (yych <= 0x00) goto yy33;
- if (yych <= '-') goto yy20;
- if (yych <= '.') goto yy32;
- if (yych <= '/') goto yy33;
- goto yy20;
-yy30:
+ if (yych <= 0x7F) goto yy2;
+ if (yych >= 0xC0) goto yy2;
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
+yy31:
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
+yy32:
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
+yy33:
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
+yy34:
+ yych = *++YYCURSOR;
+ if (yych <= 0x7F) goto yy2;
+ if (yych <= 0xBF) goto yy26;
+ goto yy2;
+yy35:
+ yych = *++YYCURSOR;
+ if (yych <= 0x00) goto yy39;
+ if (yych <= '-') goto yy2;
+ if (yych <= '.') goto yy38;
+ if (yych <= '/') goto yy39;
+ goto yy2;
+yy36:
++YYCURSOR;
-#line 51 "ext/phar/phar_path_check.re"
+#line 60 "ext/phar/phar_path_check.re"
{
*error = "double slash";
return pcr_err_double_slash;
}
-#line 223 "ext/phar/phar_path_check.c"
-yy32:
+#line 280 "ext/phar/phar_path_check.c"
+yy38:
yych = *++YYCURSOR;
- if (yych <= 0x00) goto yy35;
- if (yych == '/') goto yy35;
- goto yy20;
-yy33:
+ if (yych <= 0x00) goto yy41;
+ if (yych == '/') goto yy41;
+ goto yy2;
+yy39:
++YYCURSOR;
-#line 59 "ext/phar/phar_path_check.re"
+#line 68 "ext/phar/phar_path_check.re"
{
*error = "current directory reference";
return pcr_err_curr_dir;
}
-#line 236 "ext/phar/phar_path_check.c"
-yy35:
+#line 293 "ext/phar/phar_path_check.c"
+yy41:
++YYCURSOR;
-#line 55 "ext/phar/phar_path_check.re"
+#line 64 "ext/phar/phar_path_check.re"
{
*error = "upper directory reference";
return pcr_err_up_dir;
}
-#line 244 "ext/phar/phar_path_check.c"
+#line 301 "ext/phar/phar_path_check.c"
}
#line 108 "ext/phar/phar_path_check.re"
diff --git a/ext/phar/phar_path_check.re b/ext/phar/phar_path_check.re
index b182d78480..df64076871 100644
--- a/ext/phar/phar_path_check.re
+++ b/ext/phar/phar_path_check.re
@@ -42,10 +42,19 @@ phar_path_check_result phar_path_check(char **s, int *len, const char **error)
loop:
/*!re2c
END = "\x00";
-MB2 = ([\xC0-\xDF][\x80-\xBF]);
-MB3 = ([\xE0-\xEF][\x80-\xBF]{2});
-MB4 = ([\xF0-\xF7][\x80-\xBF]{3});
-ILL = [\x01-\x19\x80-\xFF];
+UTF8T = [\x80-\xBF] ;
+UTF8_1 = [\x1A-\x7F] ;
+UTF8_2 = [\xC2-\xDF] UTF8T ;
+UTF8_3A = "\xE0" [\xA0-\xBF] UTF8T ;
+UTF8_3B = [\xE1-\xEC] UTF8T{2} ;
+UTF8_3C = "\xED" [\x80-\x9F] UTF8T ;
+UTF8_3D = [\xEE-\xEF] UTF8T{2} ;
+UTF8_3 = UTF8_3A | UTF8_3B | UTF8_3C | UTF8_3D ;
+UTF8_4A = "\xF0"[\x90-\xBF] UTF8T{2} ;
+UTF8_4B = [\xF1-\xF3] UTF8T{3} ;
+UTF8_4C = "\xF4" [\x80-\x8F] UTF8T{2} ;
+UTF8_4 = UTF8_4A | UTF8_4B | UTF8_4C ;
+UTF8 = UTF8_1 | UTF8_2 | UTF8_3 | UTF8_4 ;
EOS = "/" | END;
ANY = .;
"//" {
@@ -76,18 +85,8 @@ ANY = .;
*error = NULL;
return pcr_use_query;
}
-MB2 {
+UTF8 {
goto loop;
- }
-MB3 {
- goto loop;
- }
-MB4 {
- goto loop;
- }
-ILL {
- *error ="illegal character";
- return pcr_err_illegal_char;
}
END {
if (**s == '/') {
@@ -103,7 +102,8 @@ END {
return pcr_is_ok;
}
ANY {
- goto loop;
+ *error ="illegal character";
+ return pcr_err_illegal_char;
}
*/
}
diff --git a/ext/phar/tests/create_path_error.phpt b/ext/phar/tests/create_path_error.phpt
index 7451d9cd39..886ba81925 100644
--- a/ext/phar/tests/create_path_error.phpt
+++ b/ext/phar/tests/create_path_error.phpt
@@ -34,6 +34,8 @@ $checks = array(
"\xF0\x9F\x98\x8D.ttf", // valid 4 byte char - smiling face with heart-shaped eyes
"Font\xE9\xBBpro.ttf", //Invalid multi-byte character - missing last byte
"Font\xBB\x91pro.ttf", //Invalid multi-byte character - missing first byte
+ "Font\xC0\xAFpro.ttf", //Invalid multi-byte character - invalid first byte
+ "Font\xF0\x80\x90\x90pro.ttf", //Invalid multi-byte character - surrogate pair code point
"\xFC\x81\x81\x81\x81pro.ttf", //RFC 3629 limited char points to 0000-10FFFF aka 5 byte utf-8 not valid
);
foreach($checks as $check)
@@ -76,6 +78,8 @@ string(5) "query"
9:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
10:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
11:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
+12:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
+13:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
Exception: Entry a does not exist and cannot be created: phar error: invalid path "a" contains illegal character
===DONE===