Fixed bug 64343
authorMichael Wallner <mike@php.net>
Mon, 30 Mar 2015 11:09:32 +0000 (13:09 +0200)
committerMichael Wallner <mike@php.net>
Mon, 30 Mar 2015 11:20:09 +0000 (13:20 +0200)
PharData::extractTo fails for tarball created by BSD tar

Phar did not know about PAX style global/file headers.
Skip them, to be able to read the contents of those archives.

NEWS
ext/phar/phar_internal.h
ext/phar/tar.c
ext/phar/tests/tar/bug64343.phpt [new file with mode: 0644]
ext/phar/tests/tar/files/bug64343.tar [new file with mode: 0644]

diff --git a/NEWS b/NEWS
index 0c02ce08d07e315c6f234e64cd6d7ffc2203d432..35ad771c9a243a9f973bc33d6d8568ac90d7529b 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -47,6 +47,10 @@ PHP                                                                        NEWS
     (Daniel Lowrey)
   . Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)
 
+- Phar:
+  . Fixed bug 64343 (PharData::extractTo fails for tarball created by BSD tar).
+    (Mike)
+
 - Postgres:
   . Fixed bug #68741 (Null pointer dereference) (CVE-2015-1352). (Laruence)
 
index 66d22e5e3848e4a7699b54c61405c91c2a36a5f5..a838f1c2513aa17624309ec3e65ba778c697cd9c 100644 (file)
 #define TAR_SYMLINK '2'
 #define TAR_DIR     '5'
 #define TAR_NEW     '8'
+#define TAR_GLOBAL_HDR 'g'
+#define TAR_FILE_HDR   'x'
 
 #define PHAR_MUNG_PHP_SELF                     (1<<0)
 #define PHAR_MUNG_REQUEST_URI          (1<<1)
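Review bot: The two new typeflag constants carry no comment, and `TAR_FILE_HDR` is easy to misread as a variant of the existing `TAR_FILE` regular-file flag. I would add one line above them, `/* pax extended headers: 'g' applies to the whole archive, 'x' to the next entry; phar skips both without applying their overrides */`, so a reader of the header knows these are metadata records and that their contents are ignored. Names such as `TAR_PAX_GLOBAL_HDR` / `TAR_PAX_FILE_HDR` would make the same point without a comment.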
index c708a3e7f3bb1d796c962b9f71c5c89028b6c071..42b51686f07583cc2f058d3d0aaa06050c7f67f5 100644 (file)
@@ -255,6 +255,12 @@ int phar_parse_tarfile(php_stream* fp, char *fname, int fname_len, char *alias,
                size = entry.uncompressed_filesize = entry.compressed_filesize =
                        phar_tar_number(hdr->size, sizeof(hdr->size));
 
+               /* skip global/file headers (pax) */
+               if (!old && (hdr->typeflag == TAR_GLOBAL_HDR || hdr->typeflag == TAR_FILE_HDR)) {
+                       size = (size+511)&~511;
+                       goto next;
+               }
+
                if (((!old && hdr->prefix[0] == 0) || old) && strlen(hdr->name) == sizeof(".phar/signature.bin")-1 && !strncmp(hdr->name, ".phar/signature.bin", sizeof(".phar/signature.bin")-1)) {
                        off_t curloc;
 
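Review bot: The skip at `size = (size+511)&~511; goto next;` trusts a `size` read straight from the archive header and jumps over everything between here and the `next:` label in the second hunk, so whatever header validation lives in that stretch (not visible in these hunks) is never applied to `g`/`x` records. It is worth confirming that the checksum comparison happens before this branch, or moving the branch below it. Depending on the type of `size`, which is declared outside the hunk, the rounding can also wrap for a value near the type's maximum and yield a skip shorter than the record, after which record data would be parsed as the next header. A bound before rounding, `if (size > totalsize) { /* same truncated-archive error as after next: */ }`, would close that off. The function body starts and ends outside the hunk.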
@@ -548,6 +554,7 @@ bail:
                size = (size+511)&~511;
 
                if (((hdr->typeflag == '\0') || (hdr->typeflag == TAR_FILE)) && size > 0) {
+next:
                        /* this is not good enough - seek succeeds even on truncated tars */
                        php_stream_seek(fp, size, SEEK_CUR);
                        if ((uint)php_stream_tell(fp) > totalsize) {
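Review bot: The `next:` label is placed inside the body of the `if` on the line above, so the pax skip enters the block from outside and the `typeflag`/`size > 0` condition no longer tells the reader when the seek runs. A comment at the label would make that explicit: `next: /* also reached by goto for skipped pax records; size is already rounded to 512 */`. The existing remark that the seek succeeds on truncated tars now applies to skipped records as well, so the `totalsize` comparison below is the only bound on an attacker-chosen pax record size. The block continues past the end of the hunk.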
diff --git a/ext/phar/tests/tar/bug64343.phpt b/ext/phar/tests/tar/bug64343.phpt
new file mode 100644 (file)
index 0000000..ed4501d
--- /dev/null
@@ -0,0 +1,16 @@
+--TEST--
+Bug #64343 (phar cannot open tars with pax headers)
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--FILE--
+<?php
+
+echo "Test\n";
+
+$phar = new PharData(__DIR__."/files/bug64343.tar");
+
+?>
+===DONE===
+--EXPECT--
+Test
+===DONE===
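Review bot: The test only constructs the `PharData` object and never looks at the entries, although the bug report is about `extractTo` failing. A parser that swallowed the entry following a pax record, or registered the record itself as a file, would still pass. I would list the entries after opening, for example `foreach (new RecursiveIteratorIterator($phar) as $f) echo $f->getFilename(), "\n";`, with the expected names under `--EXPECT--`. An `extractTo` into a temporary directory with a `--CLEAN--` section would cover the reported path directly.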
diff --git a/ext/phar/tests/tar/files/bug64343.tar b/ext/phar/tests/tar/files/bug64343.tar
new file mode 100644 (file)
index 0000000..2eeb206
Binary files /dev/null and b/ext/phar/tests/tar/files/bug64343.tar differ