cellog Wed, 22 Jul 2009 20:21:39 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=284624
Log: fix Bug #49021: phar tar signature algorithm reports as Unknown (0) in getSignature() call Bug: http://pecl.php.net/bugs/49021 (unknown) Changed paths: U pecl/phar/trunk/package.php U pecl/phar/trunk/tar.c U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/phar/tar.c U php/php-src/trunk/ext/phar/tar.c Modified: pecl/phar/trunk/package.php =================================================================== --- pecl/phar/trunk/package.php 2009-07-22 20:08:50 UTC (rev 284623) +++ pecl/phar/trunk/package.php 2009-07-22 20:21:39 UTC (rev 284624) @@ -44,8 +44,10 @@ * on conversion to other formats, user-supplied aliases are validated Changes since 2.0.0RC2: + fixed PHP Bug #49021: phar tar signature algorithm reports as Unknown (0) in + getSignature() call + fixed PHP Bug #49020: phar misinterprets ustar long filename standard fixed PHP Bug #49018: phar tar stores long filenames with prefix/name reversed - fixed PHP Bug #49020: phar misinterprets ustar long filename standard fixed PHP Bug #48681: openssl signature verification for tar archives broken fixed isset() on sub-directories (isset("blah") if file "blah/foo.php" exists) Changes since 2.0.0RC1: Modified: pecl/phar/trunk/tar.c =================================================================== --- pecl/phar/trunk/tar.c 2009-07-22 20:08:50 UTC (rev 284623) +++ pecl/phar/trunk/tar.c 2009-07-22 20:21:39 UTC (rev 284624) @@ -283,7 +283,8 @@ #else # define PHAR_GET_32(buffer) (php_uint32) *(buffer) #endif - if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, PHAR_GET_32(buf), buf + 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { + myphar->sig_flags = PHAR_GET_32(buf); + if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, myphar->sig_flags, buf 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { if (error) { char *save = *error; spprintf(error, 4096, "phar error: tar-based phar \"%s\" signature cannot be verified: %s", fname, save); Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2009-07-22 20:08:50 UTC (rev 284623) +++ php/php-src/branches/PHP_5_3/NEWS 2009-07-22 20:21:39 UTC (rev 284624) @@ -6,6 +6,8 @@ - Fixed open_basedir circumvention for mail.log. (Maksymilian Arciemowicz, Stas) +- Fixed bug #49012 (phar tar signature algorithm reports as Unknown (0) in + getSignature() call). (Greg) - Fixed bug #49020 (phar misinterprets ustar long filename standard). (Greg) - Fixed bug #49018 (phar tar stores long filenames wit prefix/name reversed). Modified: php/php-src/branches/PHP_5_3/ext/phar/tar.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/phar/tar.c 2009-07-22 20:08:50 UTC (rev 284623) +++ php/php-src/branches/PHP_5_3/ext/phar/tar.c 2009-07-22 20:21:39 UTC (rev 284624) @@ -283,7 +283,8 @@ #else # define PHAR_GET_32(buffer) (php_uint32) *(buffer) #endif - if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, PHAR_GET_32(buf), buf + 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { + myphar->sig_flags = PHAR_GET_32(buf); + if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, myphar->sig_flags, buf + 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { if (error) { char *save = *error; spprintf(error, 4096, "phar error: tar-based phar \"%s\" signature cannot be verified: %s", fname, save); Modified: php/php-src/trunk/ext/phar/tar.c =================================================================== --- php/php-src/trunk/ext/phar/tar.c 2009-07-22 20:08:50 UTC (rev 284623) +++ php/php-src/trunk/ext/phar/tar.c 2009-07-22 20:21:39 UTC (rev 284624) @@ -283,7 +283,8 @@ #else # define PHAR_GET_32(buffer) (php_uint32) *(buffer) #endif - if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, PHAR_GET_32(buf), buf + 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { + myphar->sig_flags = PHAR_GET_32(buf); + if (FAILURE == phar_verify_signature(fp, php_stream_tell(fp) - size - 512, myphar->sig_flags, buf 8, size - 8, fname, &myphar->signature, &myphar->sig_len, error TSRMLS_CC)) { if (error) { char *save = *error; spprintf(error, 4096, "phar error: tar-based phar \"%s\" signature cannot be verified: %s", fname, save);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php