. Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)
- Phar:
- . Fixed bug 64343 (PharData::extractTo fails for tarball created by BSD tar).
+ . Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
(Mike)
+ . Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing
+ ".tar"). (Mike)
- Postgres:
. Fixed bug #68741 (Null pointer dereference) (CVE-2015-1352). (Laruence)
tar_header *header = (tar_header *) buf;
php_uint32 checksum = phar_tar_number(header->checksum, sizeof(header->checksum));
php_uint32 ret;
- char save[sizeof(header->checksum)];
+ char save[sizeof(header->checksum)], *bname;
/* assume that the first filename in a tar won't begin with <?php */
if (!strncmp(buf, "<?php", sizeof("<?php")-1)) {
memset(header->checksum, ' ', sizeof(header->checksum));
ret = (checksum == phar_tar_checksum(buf, 512));
memcpy(header->checksum, save, sizeof(header->checksum));
- if (!ret && strstr(fname, ".tar")) {
+ if ((bname = strrchr(fname, PHP_DIR_SEPARATOR))) {
+ fname = bname;
+ }
+ if (!ret && (bname = strstr(fname, ".tar")) && (bname[4] == '\0' || bname[4] == '.')) {
/* probably a corrupted tar - so we will pretend it is one */
return 1;
}
--- /dev/null
+--TEST--
+Bug #67761 (Phar::mapPhar fails for Phars inside a path containing ".tar")
+--SKIPIF--
+<?php extension_loaded("phar") or die("SKIP need ext/phar suppport"); ?>
+--FILE--
+<?php
+
+echo "Test\n";
+
+include __DIR__."/files/bug67761.tar/bug67761.phar";
+
+?>
+
+===DONE===
+--EXPECT--
+Test
+#!/usr/bin/env php
+Test
+===DONE===
projects / php / commitdiff