From: Greg Beaver Date: Sat, 19 Apr 2008 06:18:13 +0000 (+0000) Subject: new test for unsupported compression versions, vastly enhance error messages on unsup... X-Git-Tag: RELEASE_2_0_0b1~321 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e94aaeada9ff3f37a99156a47f4d9d6a9b2f3981;p=php new test for unsupported compression versions, vastly enhance error messages on unsupported compression methods, fix memleak --- diff --git a/ext/phar/tests/zip/corrupt_008.phpt b/ext/phar/tests/zip/corrupt_008.phpt new file mode 100644 index 0000000000..5a20f4d2ec --- /dev/null +++ b/ext/phar/tests/zip/corrupt_008.phpt @@ -0,0 +1,101 @@ +--TEST-- +Phar: unsupported compression methods +--SKIPIF-- + + +--FILE-- +getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup2.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup3.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup4.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup5.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup6.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup7.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup9.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup10.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup14.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup18.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup19.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup97.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsup98.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +try { + new PharData(dirname(__FILE__) . '/files/compress_unsupunknown.zip'); +} catch (Exception $e) { + echo $e->getMessage() . "\n"; +} +?> +===DONE=== +--EXPECTF-- +phar error: unsupported compression method (Shrunk) used in this zip in zip-based phar "%scompress_unsup1.zip" +phar error: unsupported compression method (Reduce) used in this zip in zip-based phar "%scompress_unsup2.zip" +phar error: unsupported compression method (Reduce) used in this zip in zip-based phar "%scompress_unsup3.zip" +phar error: unsupported compression method (Reduce) used in this zip in zip-based phar "%scompress_unsup4.zip" +phar error: unsupported compression method (Reduce) used in this zip in zip-based phar "%scompress_unsup5.zip" +phar error: unsupported compression method (Implode) used in this zip in zip-based phar "%scompress_unsup6.zip" +phar error: unsupported compression method (Tokenize) used in this zip in zip-based phar "%scompress_unsup7.zip" +phar error: unsupported compression method (Deflate64) used in this zip in zip-based phar "%scompress_unsup9.zip" +phar error: unsupported compression method (PKWare Implode/old IBM TERSE) used in this zip in zip-based phar "%scompress_unsup10.zip" +phar error: unsupported compression method (LZMA) used in this zip in zip-based phar "%scompress_unsup14.zip" +phar error: unsupported compression method (IBM TERSE) used in this zip in zip-based phar "%scompress_unsup18.zip" +phar error: unsupported compression method (IBM LZ77) used in this zip in zip-based phar "%scompress_unsup19.zip" +phar error: unsupported compression method (WavPack) used in this zip in zip-based phar "%scompress_unsup97.zip" +phar error: unsupported compression method (PPMd) used in this zip in zip-based phar "%scompress_unsup98.zip" +phar error: unsupported compression method (unknown) used in this zip in zip-based phar "%scompress_unsupunknown.zip" +===DONE=== diff --git a/ext/phar/tests/zip/files/compress_unsup1.zip b/ext/phar/tests/zip/files/compress_unsup1.zip new file mode 100644 index 0000000000..bd1f72baf8 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup1.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup10.zip b/ext/phar/tests/zip/files/compress_unsup10.zip new file mode 100644 index 0000000000..2a7f22128c Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup10.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup14.zip b/ext/phar/tests/zip/files/compress_unsup14.zip new file mode 100644 index 0000000000..d4941437d9 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup14.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup18.zip b/ext/phar/tests/zip/files/compress_unsup18.zip new file mode 100644 index 0000000000..7ef221763c Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup18.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup19.zip b/ext/phar/tests/zip/files/compress_unsup19.zip new file mode 100644 index 0000000000..8086d4546f Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup19.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup2.zip b/ext/phar/tests/zip/files/compress_unsup2.zip new file mode 100644 index 0000000000..d827d2d3a2 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup2.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup3.zip b/ext/phar/tests/zip/files/compress_unsup3.zip new file mode 100644 index 0000000000..d4acc60c1f Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup3.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup4.zip b/ext/phar/tests/zip/files/compress_unsup4.zip new file mode 100644 index 0000000000..76a4dc1aef Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup4.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup5.zip b/ext/phar/tests/zip/files/compress_unsup5.zip new file mode 100644 index 0000000000..d42155de53 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup5.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup6.zip b/ext/phar/tests/zip/files/compress_unsup6.zip new file mode 100644 index 0000000000..50846409cd Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup6.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup7.zip b/ext/phar/tests/zip/files/compress_unsup7.zip new file mode 100644 index 0000000000..65c2e23664 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup7.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup9.zip b/ext/phar/tests/zip/files/compress_unsup9.zip new file mode 100644 index 0000000000..df0c767a58 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup9.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup97.zip b/ext/phar/tests/zip/files/compress_unsup97.zip new file mode 100644 index 0000000000..907f365bf7 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup97.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsup98.zip b/ext/phar/tests/zip/files/compress_unsup98.zip new file mode 100644 index 0000000000..54f19fb3a0 Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsup98.zip differ diff --git a/ext/phar/tests/zip/files/compress_unsupunknown.zip b/ext/phar/tests/zip/files/compress_unsupunknown.zip new file mode 100644 index 0000000000..170695462a Binary files /dev/null and b/ext/phar/tests/zip/files/compress_unsupunknown.zip differ diff --git a/ext/phar/tests/zip/files/corrupt2.php.inc b/ext/phar/tests/zip/files/corrupt2.php.inc index 27b2f15412..3edf620310 100644 --- a/ext/phar/tests/zip/files/corrupt2.php.inc +++ b/ext/phar/tests/zip/files/corrupt2.php.inc @@ -12,4 +12,49 @@ $a = new corrupt_zipmaker; $a->addFile('hii', null, 'hii', null, null, 'filename_len', 'filename_len'); $a->addFile('hi', null, 'hii'); $a->writeZip(dirname(__FILE__) . '/truncfilename.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress'); +$a->writeZip(dirname(__FILE__) . '/compress_unsup1.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 2); +$a->writeZip(dirname(__FILE__) . '/compress_unsup2.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 3); +$a->writeZip(dirname(__FILE__) . '/compress_unsup3.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 4); +$a->writeZip(dirname(__FILE__) . '/compress_unsup4.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 5); +$a->writeZip(dirname(__FILE__) . '/compress_unsup5.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 6); +$a->writeZip(dirname(__FILE__) . '/compress_unsup6.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 7); +$a->writeZip(dirname(__FILE__) . '/compress_unsup7.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 9); +$a->writeZip(dirname(__FILE__) . '/compress_unsup9.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 10); +$a->writeZip(dirname(__FILE__) . '/compress_unsup10.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 14); +$a->writeZip(dirname(__FILE__) . '/compress_unsup14.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 18); +$a->writeZip(dirname(__FILE__) . '/compress_unsup18.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 19); +$a->writeZip(dirname(__FILE__) . '/compress_unsup19.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 97); +$a->writeZip(dirname(__FILE__) . '/compress_unsup97.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 98); +$a->writeZip(dirname(__FILE__) . '/compress_unsup98.zip'); +$a = new corrupt_zipmaker; +$a->addFile('hi', null, 'hii', null, null, 'compress', 'compress', 11); +$a->writeZip(dirname(__FILE__) . '/compress_unsupunknown.zip'); ?> diff --git a/ext/phar/tests/zip/files/corrupt_zipmaker.php.inc b/ext/phar/tests/zip/files/corrupt_zipmaker.php.inc index 0a8cab6e8f..2c1719920d 100644 --- a/ext/phar/tests/zip/files/corrupt_zipmaker.php.inc +++ b/ext/phar/tests/zip/files/corrupt_zipmaker.php.inc @@ -84,7 +84,7 @@ class corrupt_zipmaker return $mtime; } - private function getFileEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $data, $corrupt) + private function getFileEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $data, $corrupt, $fakecomp) { switch ($corrupt) { case null : @@ -94,6 +94,13 @@ class corrupt_zipmaker $filename . $data; break; + case 'compress' : + $file = "PK\x03\x04\x14\x00\x00\x00" . pack('v', $fakecomp) . + $mtime . + pack("VVVvv", $crc32, $complength, $uncomplength, strlen($filename), 0x00) . + $filename . + $data; + break; case 'encrypt' : $file = "PK\x03\x04\x14\x00\x01\x00" . pack('v', $compmethod) . $mtime . @@ -154,7 +161,7 @@ class corrupt_zipmaker return $file; } - private function getCentralEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $comment, $corrupt, &$offset) + private function getCentralEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $comment, $corrupt, &$offset, $fakecomp) { settype($comment, 'string'); switch ($corrupt) { @@ -174,6 +181,14 @@ class corrupt_zipmaker $filename . $comment; $offset = strlen($central); break; + case 'compress' : + $central = "PK\x01\x02\x00\x00\x14\x00\x00\x00" . pack('v', $fakecomp) . + $mtime . + pack("VVVvvvvvVV", $crc32, $complength, $uncomplength, strlen($filename), 0x00,strlen($comment),0x00,0x00, + 0x0000, $this->offset). + $filename . $comment; + $offset = strlen($central); + break; case 'crc32' : $central = "PK\x01\x02\x00\x00\x14\x00\x00\x00" . pack('v', $compmethod) . $mtime . @@ -226,7 +241,7 @@ class corrupt_zipmaker return $central; } - function addFile($filename, $mtime, $data, $comment = null, $compress = null, $filecorrupt = null, $centralcorrupt = null) + function addFile($filename, $mtime, $data, $comment = null, $compress = null, $filecorrupt = null, $centralcorrupt = null, $fakecomp = 1) { $mtime = $this->getMTime($mtime ? $mtime : null); @@ -245,10 +260,10 @@ class corrupt_zipmaker } $complength = strlen($data); - $this->start .= ($file = $this->getFileEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $data, $filecorrupt)); + $this->start .= ($file = $this->getFileEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $data, $filecorrupt, $fakecomp)); $offset = 0; - $this->central .= $this->getCentralEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $comment, $centralcorrupt, $offset); + $this->central .= $this->getCentralEntry($compmethod, $mtime, $crc32, $complength, $uncomplength, $filename, $comment, $centralcorrupt, $offset, $fakecomp); $this->offset += $offset; $this->count++; diff --git a/ext/phar/tests/zip/files/encrypted.zip b/ext/phar/tests/zip/files/encrypted.zip index 99a38c821a..dee73cad37 100644 Binary files a/ext/phar/tests/zip/files/encrypted.zip and b/ext/phar/tests/zip/files/encrypted.zip differ diff --git a/ext/phar/tests/zip/files/stdin.zip b/ext/phar/tests/zip/files/stdin.zip index 836b74d8cd..4376eb67fa 100644 Binary files a/ext/phar/tests/zip/files/stdin.zip and b/ext/phar/tests/zip/files/stdin.zip differ diff --git a/ext/phar/tests/zip/files/truncfilename.zip b/ext/phar/tests/zip/files/truncfilename.zip index 1682e1f0aa..d8a526a4bb 100644 Binary files a/ext/phar/tests/zip/files/truncfilename.zip and b/ext/phar/tests/zip/files/truncfilename.zip differ diff --git a/ext/phar/zip.c b/ext/phar/zip.c index 6724cf6825..0d3a207611 100644 --- a/ext/phar/zip.c +++ b/ext/phar/zip.c @@ -304,6 +304,7 @@ foundit: if (PHAR_GET_16(zipentry.extra_len)) { off_t loc = php_stream_tell(fp); if (FAILURE == phar_zip_process_extra(fp, &entry, PHAR_GET_16(zipentry.extra_len) TSRMLS_CC)) { + efree(entry.filename); PHAR_ZIP_FAIL("Unable to process extra field header for file in central directory"); } php_stream_seek(fp, loc + PHAR_GET_16(zipentry.extra_len), SEEK_SET); @@ -324,8 +325,45 @@ foundit: PHAR_ZIP_FAIL("bzip2 extension is required"); } break; + case 1 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (Shrunk) used in this zip"); + case 2 : + case 3 : + case 4 : + case 5 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (Reduce) used in this zip"); + case 6 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (Implode) used in this zip"); + case 7 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (Tokenize) used in this zip"); + case 9 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (Deflate64) used in this zip"); + case 10 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (PKWare Implode/old IBM TERSE) used in this zip"); + case 14 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (LZMA) used in this zip"); + case 18 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (IBM TERSE) used in this zip"); + case 19 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (IBM LZ77) used in this zip"); + case 97 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (WavPack) used in this zip"); + case 98 : + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (PPMd) used in this zip"); default : - PHAR_ZIP_FAIL("unsupported compression method used in this zip"); + efree(entry.filename); + PHAR_ZIP_FAIL("unsupported compression method (unknown) used in this zip"); } /* get file metadata */ if (zipentry.comment_len) {