pajoye Tue, 11 Aug 2009 15:12:00 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=287095
Log: - fixed bug #49072, feof never returns true for damaged file in zip Bug: http://bugs.php.net/49072 (No Feedback) feof never returns true for damaged file in zip Changed paths: U php/php-src/branches/PHP_5_2/NEWS U php/php-src/branches/PHP_5_2/ext/zip/lib/zip_fread.c A php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.phpt A php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.zip U php/php-src/branches/PHP_5_2/ext/zip/zip_stream.c U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/zip/lib/zip_fread.c A php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.phpt A php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.zip U php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c U php/php-src/trunk/ext/zip/lib/zip_fread.c A php/php-src/trunk/ext/zip/tests/bug49072.phpt A php/php-src/trunk/ext/zip/tests/bug49072.zip U php/php-src/trunk/ext/zip/zip_stream.c
Modified: php/php-src/branches/PHP_5_2/NEWS =================================================================== --- php/php-src/branches/PHP_5_2/NEWS 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_2/NEWS 2009-08-11 15:12:00 UTC (rev 287095) @@ -11,6 +11,7 @@ - Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe) - Fixed bug #49074 (private class static fields can be modified by using reflection). (Jani) +- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre) - Fixed bug #49052 (context option headers freed too early when using --with-curlwrappers). (Jani) - Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference). Modified: php/php-src/branches/PHP_5_2/ext/zip/lib/zip_fread.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/zip/lib/zip_fread.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_2/ext/zip/lib/zip_fread.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -83,15 +83,26 @@ ret = inflate(zf->zstr, Z_SYNC_FLUSH); switch (ret) { + case Z_STREAM_END: + zf->flags |= ZIP_ZF_EOF; + case Z_OK: - case Z_STREAM_END: + /* all ok */ /* Z_STREAM_END probably won't happen, since we didn't have a header */ len = zf->zstr->total_out - out_before; if (len >= zf->bytes_left || len >= toread) { - if (zf->flags & ZIP_ZF_CRC) - zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_CRC) { + zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_EOF == 1) { + if (zf->crc != zf->crc_orig) { + _zip_error_set(&zf->error, ZIP_ER_CRC, 0); + return -1; + } + + } + } zf->bytes_left -= len; return len; } Added: php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.phpt =================================================================== --- php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.phpt (rev 0) +++ php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.phpt 2009-08-11 15:12:00 UTC (rev 287095) @@ -0,0 +1,24 @@ +--TEST-- +Bug #49072 (feof never returns true for damaged file in zip) +--SKIPIF-- +<?php +/* $Id$ */ +if(!extension_loaded('zip')) die('skip'); +?> +--FILE-- +<?php +$f = dirname(__FILE__) . '/bug49072.zip'; +$o = new ZipArchive(); +if (! $o->open($f, ZipArchive::CHECKCONS)) { + exit ('error can\'t open'); +} +$r = $o->getStream('file1'); // this file has a wrong crc +if (!$r)die('failed to open a stream for file1'); +$s = ''; +while (! feof($r)) { + $s .= fread($r,1024); +} +?> +--EXPECTF-- + +Warning: fread(): Zip stream error: CRC error in %s on line %d Added: php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.zip =================================================================== (Binary files differ) Property changes on: php/php-src/branches/PHP_5_2/ext/zip/tests/bug49072.zip ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Modified: php/php-src/branches/PHP_5_2/ext/zip/zip_stream.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/zip/zip_stream.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_2/ext/zip/zip_stream.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -35,9 +35,15 @@ if (self->za && self->zf) { n = (size_t)zip_fread(self->zf, buf, (int)count); - - if (n == 0) { + if (n < 0) { + int ze, se; + zip_file_error_get(self->zf, &ze, &se); stream->eof = 1; + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Zip stream error: %s", zip_file_strerror(self->zf)); + return 0; + } + if (n == 0 || n < count) { + stream->eof = 1; } else { self->cursor += n; } Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_3/NEWS 2009-08-11 15:12:00 UTC (rev 287095) @@ -24,6 +24,7 @@ qualified namespaces). (Kalle, Jani) - Fixed bug #49074 (private class static fields can be modified by using reflection). (Jani) +- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre) - Fixed bug #49108 (2nd scan_dir produces segfault). (Felipe) - Fixed bug #49065 ("disable_functions" php.ini option does not work on Zend extensions). (Stas) Modified: php/php-src/branches/PHP_5_3/ext/zip/lib/zip_fread.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/lib/zip_fread.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_3/ext/zip/lib/zip_fread.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -63,7 +63,7 @@ } return 0; } - + if ((zf->flags & ZIP_ZF_DECOMP) == 0) { ret = _zip_file_fillbuf(outbuf, toread, zf); if (ret > 0) { @@ -83,15 +83,26 @@ ret = inflate(zf->zstr, Z_SYNC_FLUSH); switch (ret) { + case Z_STREAM_END: + zf->flags |= ZIP_ZF_EOF; + case Z_OK: - case Z_STREAM_END: + /* all ok */ /* Z_STREAM_END probably won't happen, since we didn't have a header */ len = zf->zstr->total_out - out_before; if (len >= zf->bytes_left || len >= toread) { - if (zf->flags & ZIP_ZF_CRC) - zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_CRC) { + zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_EOF == 1) { + if (zf->crc != zf->crc_orig) { + _zip_error_set(&zf->error, ZIP_ER_CRC, 0); + return -1; + } + + } + } zf->bytes_left -= len; return len; } Added: php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.phpt (rev 0) +++ php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.phpt 2009-08-11 15:12:00 UTC (rev 287095) @@ -0,0 +1,24 @@ +--TEST-- +Bug #49072 (feof never returns true for damaged file in zip) +--SKIPIF-- +<?php +/* $Id$ */ +if(!extension_loaded('zip')) die('skip'); +?> +--FILE-- +<?php +$f = dirname(__FILE__) . '/bug49072.zip'; +$o = new ZipArchive(); +if (! $o->open($f, ZipArchive::CHECKCONS)) { + exit ('error can\'t open'); +} +$r = $o->getStream('file1'); // this file has a wrong crc +if (!$r)die('failed to open a stream for file1'); +$s = ''; +while (! feof($r)) { + $s .= fread($r,1024); +} +?> +--EXPECTF-- + +Warning: fread(): Zip stream error: CRC error in %s on line %d Added: php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.zip =================================================================== (Binary files differ) Property changes on: php/php-src/branches/PHP_5_3/ext/zip/tests/bug49072.zip ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Modified: php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/branches/PHP_5_3/ext/zip/zip_stream.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -7,6 +7,7 @@ #ifdef ZEND_ENGINE_2 #include "lib/zip.h" +#include "lib/zip.h" #include "php_streams.h" #include "ext/standard/file.h" @@ -35,14 +36,20 @@ if (self->za && self->zf) { n = (size_t)zip_fread(self->zf, buf, (int)count); - - if (n == 0) { + if (n < 0) { + int ze, se; + zip_file_error_get(self->zf, &ze, &se); stream->eof = 1; + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Zip stream error: %s", zip_file_strerror(self->zf)); + return 0; + } + if (n == 0 || n < count) { + stream->eof = 1; } else { self->cursor += n; } } - return n<1 ? 0 : n; + return (n < 1 ? 0 : n); } /* }}} */ @@ -62,14 +69,15 @@ { STREAM_DATA_FROM_STREAM(); if (close_handle) { + if (self->zf) { + zip_fclose(self->zf); + self->zf = NULL; + } + if (self->za) { zip_close(self->za); self->za = NULL; } - if (self->zf) { - zip_fclose(self->zf); - self->zf = NULL; - } } efree(self); stream->abstract = NULL; Modified: php/php-src/trunk/ext/zip/lib/zip_fread.c =================================================================== --- php/php-src/trunk/ext/zip/lib/zip_fread.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/trunk/ext/zip/lib/zip_fread.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -83,15 +83,26 @@ ret = inflate(zf->zstr, Z_SYNC_FLUSH); switch (ret) { + case Z_STREAM_END: + zf->flags |= ZIP_ZF_EOF; + case Z_OK: - case Z_STREAM_END: + /* all ok */ /* Z_STREAM_END probably won't happen, since we didn't have a header */ len = zf->zstr->total_out - out_before; if (len >= zf->bytes_left || len >= toread) { - if (zf->flags & ZIP_ZF_CRC) - zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_CRC) { + zf->crc = crc32(zf->crc, (Bytef *)outbuf, len); + if (zf->flags & ZIP_ZF_EOF == 1) { + if (zf->crc != zf->crc_orig) { + _zip_error_set(&zf->error, ZIP_ER_CRC, 0); + return -1; + } + + } + } zf->bytes_left -= len; return len; } Added: php/php-src/trunk/ext/zip/tests/bug49072.phpt =================================================================== --- php/php-src/trunk/ext/zip/tests/bug49072.phpt (rev 0) +++ php/php-src/trunk/ext/zip/tests/bug49072.phpt 2009-08-11 15:12:00 UTC (rev 287095) @@ -0,0 +1,24 @@ +--TEST-- +Bug #49072 (feof never returns true for damaged file in zip) +--SKIPIF-- +<?php +/* $Id: bug47667.phpt 277253 2009-03-16 10:19:43Z mkoppanen $ */ +if(!extension_loaded('zip')) die('skip'); +?> +--FILE-- +<?php +$f = dirname(__FILE__) . '/bug49072.zip'; +$o = new ZipArchive(); +if (! $o->open($f, ZipArchive::CHECKCONS)) { + exit ('error can\'t open'); +} +$r = $o->getStream('file1'); // this file has a wrong crc +if (!$r)die('failed to open a stream for file1'); +$s = b''; +while (!feof($r)) { + $s .= fread($r,1024); +} +?> +--EXPECTF-- + +Warning: fread(): Zip stream error: CRC error in %s on line %d Added: php/php-src/trunk/ext/zip/tests/bug49072.zip =================================================================== (Binary files differ) Property changes on: php/php-src/trunk/ext/zip/tests/bug49072.zip ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Modified: php/php-src/trunk/ext/zip/zip_stream.c =================================================================== --- php/php-src/trunk/ext/zip/zip_stream.c 2009-08-11 14:35:20 UTC (rev 287094) +++ php/php-src/trunk/ext/zip/zip_stream.c 2009-08-11 15:12:00 UTC (rev 287095) @@ -35,9 +35,15 @@ if (self->za && self->zf) { n = (size_t)zip_fread(self->zf, buf, (int)count); - - if (n == 0) { + if (n < 0) { + int ze, se; + zip_file_error_get(self->zf, &ze, &se); stream->eof = 1; + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Zip stream error: %s", zip_file_strerror(self->zf)); + return 0; + } + if (n == 0 || n < count) { + stream->eof = 1; } else { self->cursor += n; }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php