Based on the patch provided by david at bamsoftware.
Closes GH-6517.
. Fixed bug #80521 (Parameters with underscores no longer recognized). (cmb,
Simonov Denis)
+- Phar:
+ . Fixed bug #76929 (zip-based phar does not respect phar.require_hash).
+ (david at bamsoftware, cmb)
+
07 Jan 2021, PHP 8.0.1
- Core:
--TEST--
Phar: invalid aliases
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip no zlib"); ?>
--TEST--
Phar: process bzip2-compressed zip entry
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("bz2")) die("skip bz2 not available"); ?>
--TEST--
Phar front controller other zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller mime type extension is not a string zip-based
--INI--
default_charset=
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip phar extension not loaded"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller mime type unknown int zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller mime type not string/int zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller mime type override, other zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller mime type override, Phar::PHPS zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller mime type override, Phar::PHP zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller mime type unknown zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller $_SERVER munging failure zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller $_SERVER munging failure 2 zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller PHP test zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller $_SERVER munging failure 3 zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
Phar front controller phps zip-based
--INI--
default_charset=UTF-8
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller index.php relocate (no /) zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller index.php relocate zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller 404 zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
--TEST--
Phar front controller alternate index file zip-based
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
<?php if (!extension_loaded("phar")) die("skip"); ?>
--INI--
phar.readonly=0
+phar.require_hash=0
--FILE--
<?php
--- /dev/null
+--TEST--\r
+Phar: zip-based phar, require_hash=1, no signature\r
+--SKIPIF--\r
+<?php if (!extension_loaded('phar')) die('skip'); ?>\r
+--INI--\r
+phar.readonly=1\r
+phar.require_hash=0\r
+--FILE--\r
+<?php\r
+ini_set('phar.require_hash', 1);\r
+include __DIR__ . '/files/zipmaker.php.inc';\r
+$fname = __DIR__ . '/require_hash.phar.zip';\r
+$alias = 'phar://' . $fname;\r
+$fname2 = __DIR__ . '/require_hash.zip';\r
+\r
+$zip = new zipmaker($fname);\r
+$zip->init();\r
+$zip->addFile('zip_001.php', '<?php var_dump(__FILE__);');\r
+$zip->addFile('internal/file/here', "hi there!\n");\r
+$zip->addFile('.phar/stub.php', "__HALT_COMPILER();");\r
+$zip->close();\r
+\r
+try {\r
+ $phar = new Phar($fname);\r
+ var_dump($phar->getStub());\r
+} catch (Exception $e) {\r
+ echo $e->getMessage()."\n";\r
+}\r
+ini_set('phar.require_hash', 0);\r
+try {\r
+ $phar = new PharData($fname2);\r
+ $phar['file'] = 'hi';\r
+ var_dump($phar->getSignature());\r
+ $phar->setSignatureAlgorithm(Phar::MD5);\r
+ var_dump($phar->getSignature());\r
+} catch (Exception $e) {\r
+ echo $e->getMessage()."\n";\r
+}\r
+\r
+?>\r
+===DONE===\r
+--CLEAN--\r
+<?php\r
+@unlink(__DIR__ . '/require_hash.phar.zip');\r
+@unlink(__DIR__ . '/require_hash.zip');\r
+?>\r
+--EXPECTF--\r
+zip-based phar "%srequire_hash.phar.zip" does not have a signature\r
+bool(false)\r
+array(2) {\r
+ ["hash"]=>\r
+ string(32) "%s"\r
+ ["hash_type"]=>\r
+ string(3) "MD5"\r
+}\r
+===DONE===\r
--TEST--
Phar: process zlib-compressed zip alias
+--INI--
+phar.require_hash=0
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("zlib")) die("skip zlib not available"); ?>
mydata->is_data = 1;
}
+ /* ensure signature set */
+ if (!mydata->is_data && PHAR_G(require_hash) && !mydata->signature) {
+ php_stream_close(fp);
+ phar_destroy_phar_data(mydata);
+ if (error) {
+ spprintf(error, 0, "zip-based phar \"%s\" does not have a signature", fname);
+ }
+ return FAILURE;
+ }
+
zend_hash_str_add_ptr(&(PHAR_G(phar_fname_map)), mydata->fname, fname_len, mydata);
if (actual_alias) {
projects / php / commitdiff