From: Marcus Boerger <helly@php.net>
Date: Mon, 26 Mar 2007 19:51:22 +0000 (+0000)
Subject: - Prevent rename on extracted archieves
X-Git-Tag: RELEASE_1_1_0~105
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c84b870472a73e347fca297e56095faf4748ffab;p=php

- Prevent rename on extracted archieves
---

diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index f37d9cce05..b255d81618 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -3125,9 +3125,9 @@ static int phar_wrapper_unlink(php_stream_wrapper *wrapper, char *url, int optio
 static int phar_wrapper_rename(php_stream_wrapper *wrapper, char *url_from, char *url_to, int options, php_stream_context *context TSRMLS_DC) /* {{{ */
 {
 	php_url *resource_from, *resource_to;
-	char *from_file, *to_file;
-	char *error;
+	char *from_file, *to_file, *error, *plain_map;
 	phar_entry_data *fromdata, *todata;
+	uint host_len;
 
 	if (PHAR_G(readonly)) {
 		php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "phar error: write operations disabled by INI setting");
@@ -3175,7 +3175,6 @@ static int phar_wrapper_rename(php_stream_wrapper *wrapper, char *url_from, char
 		return 0;
 	}
 
-	/*TODO: handle extract_list */
 	if (strcmp(resource_from->host, resource_to->host)) {
 		php_url_free(resource_from);
 		php_url_free(resource_to);
@@ -3183,6 +3182,13 @@ static int phar_wrapper_rename(php_stream_wrapper *wrapper, char *url_from, char
 		return 0;
 	}
 
+	host_len = strlen(resource_from->host);
+	if (zend_hash_find(&(PHAR_GLOBALS->phar_plain_map), resource_from->host, host_len+1, (void **)&plain_map) == SUCCESS) {
+		/*TODO:use php_stream_rename() once available*/
+		php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "phar error: cannot rename \"%s\" to \"%s\" from extracted phar archive", url_from, url_to);
+		return 0;
+	}
+
 	/* need to copy to strip leading "/", will get touched again */
 	from_file = estrdup(resource_from->path + 1);
 	to_file = estrdup(resource_to->path + 1);