check for invalid aliases, add tests for this and direct setting of stub/alias

2024-09-22 02:17:32 +00:00 · 2008-03-24 01:33:30 +00:00 · 2008-03-24 01:33:30 +00:00 · b4b890cb8f
commit b4b890cb8f
parent 27826add0f
5 changed files with 111 additions and 4 deletions
--- a/ext/phar/TODO
+++ b/ext/phar/TODO
@ -67,7 +67,7 @@ Version 2.0.0
   access, or a string representing a file within the archive to access. If
   unknown, the callback should return the original request uri [Greg]
 * rework filename detection so that alias is always checked first
- * make aliases containing '/' or '\' invalid
+ X make aliases containing '/' or '\' invalid [Greg]
 X implement manual mounting of external phar archives to locations inside a
   phar path, $phar->mount('/path/to/external.phar', 'internal/path');
   this would traverse external.phar's manifest, and add each entry as a
--- a/ext/phar/phar_internal.h
+++ b/ext/phar/phar_internal.h
@ -361,6 +361,16 @@ static inline void phar_unixify_path_separators(char *path, int path_len)
 	}
 }
 #endif
+/**
+ * validate an alias, returns 1 for success, 0 for failure
+ */
+static inline int phar_validate_alias(const char *alias, int alias_len) /* {{{ */
+{
+	return !(memchr(alias, '/', alias_len) || memchr(alias, '\\', alias_len) || memchr(alias, ':', alias_len) ||
+		memchr(alias, ';', alias_len));
+}
+/* }}} */
+

 void phar_request_initialize(TSRMLS_D);

--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@ -2177,13 +2177,13 @@ PHP_METHOD(Phar, setAlias)
 	if (PHAR_G(readonly)) {
 		zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC,
 			"Cannot write out phar archive, phar is read-only");
-		return;
+		RETURN_FALSE;
 	}

 	if (phar_obj->arc.archive->is_data) {
 		zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC,
 			"A Phar alias cannot be set in a plain %s archive", phar_obj->arc.archive->is_tar ? "tar" : "zip");
-		return;
+		RETURN_FALSE;
 	}

 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &alias, &alias_len) == SUCCESS) {
@ -2196,6 +2196,11 @@ PHP_METHOD(Phar, setAlias)
 			efree(error);
 			RETURN_FALSE;
 		}
+		if (!phar_validate_alias(alias, alias_len)) {
+			zend_throw_exception_ex(spl_ce_UnexpectedValueException, 0 TSRMLS_CC,
+				"Invalid alias \"%s\" specified for phar \"%s\"", alias, phar_obj->arc.archive->fname);
+			RETURN_FALSE;
+		}
 		if (phar_obj->arc.archive->alias_len && SUCCESS == zend_hash_find(&(PHAR_GLOBALS->phar_alias_map), phar_obj->arc.archive->alias, phar_obj->arc.archive->alias_len, (void**)&fd_ptr)) {
 			zend_hash_del(&(PHAR_GLOBALS->phar_alias_map), phar_obj->arc.archive->alias, phar_obj->arc.archive->alias_len);
 			readd = 1;
@ -2222,7 +2227,7 @@ PHP_METHOD(Phar, setAlias)
 				zend_hash_add(&(PHAR_GLOBALS->phar_alias_map), oldalias, oldalias_len, (void*)&(phar_obj->arc.archive), sizeof(phar_archive_data*), NULL);
 			}
 			efree(error);
-			return;
+			RETURN_FALSE;
 		}
 		zend_hash_add(&(PHAR_GLOBALS->phar_alias_map), alias, alias_len, (void*)&(phar_obj->arc.archive), sizeof(phar_archive_data*), NULL);
 		if (oldalias) {
--- a/ext/phar/tests/invalid_alias.phpt
+++ b/ext/phar/tests/invalid_alias.phpt
@ -0,0 +1,45 @@
+--TEST--
+Phar: set alias with invalid alias containing / \ : or ;
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--INI--
+phar.readonly=0
+--FILE--
+<?php
+$fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar';
+
+$p = new Phar($fname);
+try {
+	$p->setAlias('hi/');
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+try {
+	$p->setAlias('hi\\l');
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+
+try {
+	$p->setAlias('hil;');
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+
+try {
+	$p->setAlias(':hil');
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+?>
+===DONE===
+--CLEAN--
+<?php
+unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar');
+?>
+--EXPECTF--
+Invalid alias "hi/" specified for phar "%sinvalid_alias.phar"
+Invalid alias "hi\l" specified for phar "%sinvalid_alias.phar"
+Invalid alias "hil;" specified for phar "%sinvalid_alias.phar"
+Invalid alias ":hil" specified for phar "%sinvalid_alias.phar"
+===DONE===
--- a/ext/phar/tests/invalid_setstubalias.phpt
+++ b/ext/phar/tests/invalid_setstubalias.phpt
@ -0,0 +1,47 @@
+--TEST--
+Phar: invalid set alias or stub via array access
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--INI--
+phar.readonly=0
+--FILE--
+<?php
+$fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar.tar';
+$fname2 = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar.zip';
+
+$p = new Phar($fname);
+try {
+	$p['.phar/stub.php'] = 'hi';
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+try {
+	$p['.phar/alias.txt'] = 'hi';
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+$p = new Phar($fname2);
+try {
+	$p['.phar/stub.php'] = 'hi';
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+try {
+	$p['.phar/alias.txt'] = 'hi';
+} catch (Exception $e) {
+	echo $e->getMessage() . "\n";
+}
+
+?>
+===DONE===
+--CLEAN--
+<?php
+unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar.tar');
+unlink(dirname(__FILE__) . '/' . basename(__FILE__, '.clean.php') . '.phar.zip');
+?>
+--EXPECTF--
+Cannot set stub ".phar/stub.php" directly in phar "%sinvalid_setstubalias.phar.tar", use setStub
+Cannot set alias ".phar/alias.txt" directly in phar "%sinvalid_setstubalias.phar.tar", use setAlias
+Cannot set stub ".phar/stub.php" directly in phar "%sinvalid_setstubalias.phar.zip", use setStub
+Cannot set alias ".phar/alias.txt" directly in phar "%sinvalid_setstubalias.phar.zip", use setAlias
+===DONE===