lib zip.h zip_open.c zip_replace.c

Pierre-Alain Joye Sun, 13 Aug 2006 14:30:17 -0700

pajoye          Sun Aug 13 21:09:59 2006 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/zip    php_zip.c 
    /php-src/ext/zip/lib        zip.h zip_open.c zip_replace.c 
  Log:
  - MFP:
   - add overwrite mode to ZipArchive::open, always starts a new archive
   - Fix safe mode checks on extract
   - Fix possible leaks when a safe mode error has been raised
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.2&r2=1.1.2.3&diff_format=u
Index: php-src/ext/zip/php_zip.c
diff -u php-src/ext/zip/php_zip.c:1.1.2.2 php-src/ext/zip/php_zip.c:1.1.2.3
--- php-src/ext/zip/php_zip.c:1.1.2.2   Sun Aug 13 00:52:59 2006
+++ php-src/ext/zip/php_zip.c   Sun Aug 13 21:09:59 2006
@@ -16,7 +16,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: php_zip.c,v 1.1.2.2 2006/08/13 00:52:59 pajoye Exp $ */
+/* $Id: php_zip.c,v 1.1.2.3 2006/08/13 21:09:59 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -113,7 +113,11 @@
 
        php_basename(file, file_len, NULL, 0, &file_basename, 
&file_basename_len TSRMLS_CC);
 
-       SAFEMODE_CHECKFILE(file_dirname_fullpath);
+       if (SAFEMODE_CHECKFILE(file_dirname_fullpath)) {
+               efree(file_dirname_fullpath);
+               efree(file_basename);
+               return 0;
+       }
 
        /* let see if the path already exists */
        if (php_stream_stat_path(file_dirname_fullpath, &ssb) < 0) {
@@ -143,7 +147,11 @@
         * is required, does a file can have a different
         * safemode status as its parent folder?
         */
-       SAFEMODE_CHECKFILE(fullpath);
+       if (SAFEMODE_CHECKFILE(fullpath)) {
+               efree(file_dirname_fullpath);
+               efree(file_basename);
+               return 0;
+       }
 
        zf = zip_fopen(za, file, 0);
        if (zf == NULL) {
@@ -1880,6 +1888,8 @@
        REGISTER_ZIP_CLASS_CONST_LONG("CREATE", ZIP_CREATE);
        REGISTER_ZIP_CLASS_CONST_LONG("EXCL", ZIP_EXCL);
        REGISTER_ZIP_CLASS_CONST_LONG("CHECKCONS", ZIP_CHECKCONS);
+       REGISTER_ZIP_CLASS_CONST_LONG("OVERWRITE", ZIP_OVERWRITE);
+
        REGISTER_ZIP_CLASS_CONST_LONG("FL_NOCASE", ZIP_FL_NOCASE);
        REGISTER_ZIP_CLASS_CONST_LONG("FL_NODIR", ZIP_FL_NODIR);
        REGISTER_ZIP_CLASS_CONST_LONG("FL_COMPRESSED", ZIP_FL_COMPRESSED);
@@ -1951,7 +1961,7 @@
        php_info_print_table_start();
 
        php_info_print_table_row(2, "Zip", "enabled");
-       php_info_print_table_row(2, "Extension Version","$Id: php_zip.c,v 
1.1.2.2 2006/08/13 00:52:59 pajoye Exp $");
+       php_info_print_table_row(2, "Extension Version","$Id: php_zip.c,v 
1.1.2.3 2006/08/13 21:09:59 pajoye Exp $");
        php_info_print_table_row(2, "Zip version", "1.4.0");
        php_info_print_table_row(2, "Libzip version", "0.7.1");
 
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/lib/zip.h?r1=1.1&r2=1.1.2.1&diff_format=u
Index: php-src/ext/zip/lib/zip.h
diff -u php-src/ext/zip/lib/zip.h:1.1 php-src/ext/zip/lib/zip.h:1.1.2.1
--- php-src/ext/zip/lib/zip.h:1.1       Mon Jul 24 16:58:58 2006
+++ php-src/ext/zip/lib/zip.h   Sun Aug 13 21:09:59 2006
@@ -53,6 +53,7 @@
 #define ZIP_CREATE           1
 #define ZIP_EXCL             2
 #define ZIP_CHECKCONS        4
+#define ZIP_OVERWRITE        8
 
 
 /* flags for zip_name_locate, zip_fopen, zip_stat, ... */
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/lib/zip_open.c?r1=1.1&r2=1.1.2.1&diff_format=u
Index: php-src/ext/zip/lib/zip_open.c
diff -u php-src/ext/zip/lib/zip_open.c:1.1 
php-src/ext/zip/lib/zip_open.c:1.1.2.1
--- php-src/ext/zip/lib/zip_open.c:1.1  Mon Jul 24 16:58:58 2006
+++ php-src/ext/zip/lib/zip_open.c      Sun Aug 13 21:09:59 2006
@@ -74,9 +74,9 @@
        set_error(zep, NULL, ZIP_ER_INVAL);
        return NULL;
     }
-    
-    if (stat(fn, &st) != 0) {
-       if (flags & ZIP_CREATE) {
+
+    if (flags & ZIP_OVERWRITE || stat(fn, &st) != 0) {
+       if ((flags & ZIP_CREATE) || (flags & ZIP_OVERWRITE)) {
            if ((za=_zip_new(&error)) == NULL) {
                set_error(zep, &error, 0);
                return NULL;
@@ -99,14 +99,15 @@
        set_error(zep, NULL, ZIP_ER_EXISTS);
        return NULL;
     }
+
+
     /* ZIP_CREATE gets ignored if file exists and not ZIP_EXCL,
        just like open() */
-    
-    if ((fp=fopen(fn, "rb")) == NULL) {
-       set_error(zep, NULL, ZIP_ER_OPEN);
-       return NULL;
-    }
-    
+       if ((fp=fopen(fn, "rb")) == NULL) {
+               set_error(zep, NULL, ZIP_ER_OPEN);
+               return NULL;
+       }
+
     clearerr(fp);
     fseek(fp, 0, SEEK_END);
     len = ftell(fp);
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/lib/zip_replace.c?r1=1.1&r2=1.1.2.1&diff_format=u
Index: php-src/ext/zip/lib/zip_replace.c
diff -u php-src/ext/zip/lib/zip_replace.c:1.1 
php-src/ext/zip/lib/zip_replace.c:1.1.2.1
--- php-src/ext/zip/lib/zip_replace.c:1.1       Mon Jul 24 16:58:58 2006
+++ php-src/ext/zip/lib/zip_replace.c   Sun Aug 13 21:09:59 2006
@@ -66,11 +66,14 @@
                        return -1;
                idx = za->nentry - 1;
        }
-    
+
+   
     _zip_unchange_data(za->entry+idx);
 
     if (name && _zip_set_name(za, idx, name) != 0)
                return -1;
+ 
+
     za->entry[idx].state = ((za->cdir == NULL || idx >= za->cdir->nentry)
                            ? ZIP_ST_ADDED : ZIP_ST_REPLACED);
     za->entry[idx].source = source;


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_2) /ext/zip php_zip.c /ext/zip/lib zip.h zip_open.c zip_replace.c

Reply via email to