summaryrefslogtreecommitdiff
path: root/ext/phar/tar.c
Commit message (Collapse)AuthorAgeFilesLines
* Replace zend_bool uses with boolNikita Popov2021-01-151-3/+3
| | | | | | | We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool is retained as an alias.
* Merge branch 'PHP-7.4' into PHP-8.0Christoph M. Becker2020-12-041-0/+9
|\ | | | | | | | | * PHP-7.4: Fix #75102: `PharData` says invalid checksum for valid tar
| * Fix #75102: `PharData` says invalid checksum for valid tarChristoph M. Becker2020-12-041-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | Apparently, there are broken tarballs out there which are actually in ustar format, but did not write the `ustar` marker. Since popular tar tools like GNU tar and 7zip have no issues dealing with such tarballs, Phar should also be more resilient. Thus, when the first checksum check of a tarball in (presumed) in old- style format fails, we check whether the checksum would be suitable for ustar format; if so, we treat the tarball as being in ustar format. Closes GH-6479.
* | [RFC] Only unserialize Phar metadata when getMetadata() is calledTyson Andre2020-08-031-31/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855
* | Fix [-Wundef] warning in PHAR extensionGeorge Peter Banyard2020-05-201-1/+1
|/
* Merge branch 'PHP-7.3' into PHP-7.4Christoph M. Becker2020-04-221-0/+8
|\ | | | | | | | | * PHP-7.3: Fix #79503: Memory leak on duplicate metadata
| * Fix #79503: Memory leak on duplicate metadataChristoph M. Becker2020-04-221-0/+8
| | | | | | | | | | Duplicate metadata can only happen if someone tampers with the phar, so we can and should treat that as error.
* | Fix build warningsRemi Collet2019-07-251-3/+3
| | | | | | | | - switch from strncpy to memcpy for -Wstringop-truncation
* | Merge branch 'PHP-7.3' into PHP-7.4Stanislav Malyshev2019-03-031-1/+6
|\ \ | |/ | | | | | | * PHP-7.3: Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow
| * Merge branch 'PHP-7.2' into PHP-7.3Stanislav Malyshev2019-03-031-1/+6
| |\ | | | | | | | | | | | | * PHP-7.2: Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow
| | * Merge branch 'PHP-7.1' into PHP-7.2Stanislav Malyshev2019-03-031-1/+6
| | |\ | | | | | | | | | | | | | | | | * PHP-7.1: Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow
| | | * Fix bug #77586 - phar_tar_writeheaders_int() buffer overflowStanislav Malyshev2019-03-031-1/+6
| | | |
| | | * year++Xinchen Hui2018-01-021-1/+1
| | | |
| | | * Update copyright headers to 2017Sammy Kaye Powers2017-01-041-1/+1
| | | |
| | * | year++Xinchen Hui2018-01-021-1/+1
| | | |
| * | | Future-proof email addressesZeev Suraski2018-11-011-1/+1
| | | |
* | | | Update and fix remaining year ranges (2019)Peter Kokot2019-02-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license information without year ranges.
* | | | Remove local variablesPeter Kokot2019-02-031-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
* | | | Fix some sign-related issues in comparisonsjvoisin2019-01-091-1/+1
| | | |
* | | | Future-proof email addresses...Zeev Suraski2018-11-011-1/+1
|/ / /
* | | Replace zval_dtor() with specialized destructorsDmitry Stogov2018-07-051-1/+1
| | |
* | | Removed "dead" code (zend_hash_update() never fails)Dmitry Stogov2018-06-011-16/+2
| | |
* | | Use zend_string_release_ex() instread of zend_string_release() in places, ↵Dmitry Stogov2018-05-281-1/+1
| | | | | | | | | | | | where we sure about string persistence.
* | | Move to unsigned types in pharAnatol Belski2018-04-181-10/+13
| | | | | | | | | | | | | | | | | | Preventing integer overflows in principle, which allows to avoid additional range checks. The phar format is based on 32-bit lengths, so the storage sizes was kept same.
* | | year++Xinchen Hui2018-01-021-1/+1
|/ /
* | Update copyright headers to 2017Sammy Kaye Powers2017-01-021-1/+1
| |
* | further normalizations, uint vs uint32_tAnatol Belski2016-11-261-3/+3
|/ | | | | | fix merge mistake yet one more replacement run
* fix erroneous resource destructionAnatol Belski2016-09-141-18/+2
|
* Merge branch 'PHP-7.0' into PHP-7.1Stanislav Malyshev2016-09-121-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: (22 commits) Fix bug #72293 - Heap overflow in mysqlnd related to BIT fields I don't think 8cceb012a7aabf3c36ab7c2724a436f976cdd165 is needed Fix test Add check in fgetcsv in case sizeof(unit) != sizeof(size_t) Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c Fix bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile) Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction Fix bug #73029 - Missing type check when unserializing SplArray Fix bug #72860: wddx_deserialize use-after-free Fix bug #73007: add locale length check Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile sync NEWS Revert "Merge branch 'PHP-5.6' into PHP-7.0" Merge branch 'PHP-5.6' into PHP-7.0 Merge branch 'PHP-5.6' into PHP-7.0 Revert "Revert "Merge branch 'PHP-5.6' into PHP-7.0"" fix version sync NEWS Fix bug #72957 set versions ...
| * Fix bug #73035 (Out of bound when verify signature of tar phar in ↵Stanislav Malyshev2016-09-121-1/+1
| | | | | | | | | | | | phar_parse_tarfile) (cherry picked from commit 75ebf471ff46ec6e5ee279b3650c11d51ebaf9e3)
* | fix leakAnatol Belski2016-09-021-0/+25
| |
* | Merge branch 'PHP-7.0'Xinchen Hui2016-03-011-8/+3
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: Fixed another segfault with file_cache_only now Fixed bugs #71317 and #71504 add test for bug #68957 update NEWS update NEWS Fixed #54648 PDO::MSSQL forces format of datetime fields remove unneeded free parts fix leaks and add one more NULL check add NULL check fix C89 compat fix arg type fix nmake clean in phpize mode
| * Merge branch 'PHP-5.6' into PHP-7.0Nikita Popov2016-02-291-8/+3
| |\ | | | | | | | | | | | | Conflicts: ext/phar/tar.c
| | * Fixed bugs #71317 and #71504Jos Elstgeest2016-02-291-1/+3
| | | | | | | | | | | | If there are duplicate filenames in tar, the last one wins.
* | | Replace usage of php_int32 and php_uint32 with int32_t and uint32_tRouven Weßling2016-02-041-12/+12
|/ /
* | Merge branch 'PHP-5.6.18' into PHP-7.0.3Stanislav Malyshev2016-02-011-7/+17
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6.18: fix tests fix NEWS Update NEWS update NEWS Fixed bug #71488: Stack overflow when decompressing tar archives update NEWS add missing headers for SIZE_MAX backport the escapeshell* functions hardening branch add tests Fix bug #71459 - Integer overflow in iptcembed() prepare 5.6.18RC1 Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work improve fix for bug #71201 Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() Fix bug #71335: Type Confusion in WDDX Packet Deserialization Fix bug #71354 - remove UMR when size is 0 Conflicts: configure.in ext/phar/dirstream.c ext/phar/phar_object.c ext/phar/tar.c ext/standard/exec.c ext/standard/iptc.c ext/standard/math.c ext/standard/streamsfuncs.c ext/wddx/wddx.c main/php_version.h main/streams/memory.c
| * Merge branch 'PHP-5.5.32' into PHP-5.6.18Stanislav Malyshev2016-02-011-6/+19
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5.32: Fixed bug #71488: Stack overflow when decompressing tar archives update NEWS add missing headers for SIZE_MAX backport the escapeshell* functions hardening branch add tests Fix bug #71459 - Integer overflow in iptcembed() Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() Fix bug #71335: Type Confusion in WDDX Packet Deserialization Fix bug #71354 - remove UMR when size is 0
| | * Fixed bug #71488: Stack overflow when decompressing tar archivesStanislav Malyshev2016-01-311-6/+16
| | |
| | * Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()Stanislav Malyshev2016-01-161-0/+3
| | |
| * | Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()Stanislav Malyshev2016-01-141-1/+1
| | |
* | | Merge branch 'PHP-5.6' into PHP-7.0Lior Kaplan2016-01-011-1/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-5.6: Happy new year (Update copyright to 2016)
| * | Happy new year (Update copyright to 2016)Lior Kaplan2016-01-011-1/+1
| | |
* | | Use ZSTR_ API to access zend_string elements (this is just renaming without ↵Dmitry Stogov2015-06-301-4/+4
| | | | | | | | | | | | semantick changes).
* | | cleanup duplicated stat declarations in ext/pharAnatol Belski2015-05-251-3/+1
| | |
* | | Merge branch 'PHP-5.6'Stanislav Malyshev2015-05-121-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: fix format update NEWS Add test for bug #69522 Update tests Fix bug #69522 - do not allow int overflow Forgot test file Fix bug #69403 and other int overflows Fixed bug #69418 - more s->p fixes for filenames Fixed bug #69364 - use smart_str to assemble strings Fix bug #69453 - don't try to cut empty string Fix bug #69545 - avoid overflow when reading list Conflicts: Zend/zend_alloc.c Zend/zend_operators.c ext/ftp/ftp.c ext/pcntl/pcntl.c ext/standard/basic_functions.c ext/standard/dir.c ext/standard/file.c ext/standard/pack.c ext/standard/string.c main/rfc1867.c
| * | Merge branch 'PHP-5.5' into PHP-5.6Stanislav Malyshev2015-05-121-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: fix format update NEWS Add test for bug #69522 Update tests Fix bug #69522 - do not allow int overflow Forgot test file Fix bug #69403 and other int overflows Fixed bug #69418 - more s->p fixes for filenames Fixed bug #69364 - use smart_str to assemble strings Fix bug #69453 - don't try to cut empty string Fix bug #69545 - avoid overflow when reading list Conflicts: ext/standard/pack.c
| | * Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-05-121-1/+1
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: fix format update NEWS Add test for bug #69522 Update tests Fix bug #69522 - do not allow int overflow Forgot test file Fix bug #69403 and other int overflows Fixed bug #69418 - more s->p fixes for filenames Fixed bug #69364 - use smart_str to assemble strings Fix bug #69453 - don't try to cut empty string Fix bug #69545 - avoid overflow when reading list Conflicts: ext/pcntl/pcntl.c ext/standard/basic_functions.c ext/standard/pack.c ext/standard/tests/dir/opendir_variation1-win32.phpt
| | | * Fix bug #69453 - don't try to cut empty stringStanislav Malyshev2015-04-291-1/+1
| | | |
| | | * Bump yearXinchen Hui2014-01-031-1/+1
| | | |
* | | | Merge branch 'PHP-5.6'Michael Wallner2015-03-301-2/+5
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | * PHP-5.6: BFN fix bug #67761
View Lorry Controller Status