From 29cde76818c0c621db995ea50e334d058bdde6bc Mon Sep 17 00:00:00 2001 From: Marcus Boerger Date: Sun, 4 Feb 2007 16:25:25 +0000 Subject: [PATCH] - Disallow stars in paths --- ext/phar/config.m4 | 1 + ext/phar/phar_internal.h | 1 + ext/phar/phar_path_check.c | 86 ++++++++++++++++++++----------------- ext/phar/phar_path_check.re | 4 ++ 4 files changed, 53 insertions(+), 39 deletions(-) diff --git a/ext/phar/config.m4 b/ext/phar/config.m4 index 6b4b438310..4e31e7126b 100644 --- a/ext/phar/config.m4 +++ b/ext/phar/config.m4 @@ -9,4 +9,5 @@ if test "$PHP_PHAR" != "no"; then PHP_ADD_EXTENSION_DEP(phar, zlib, true) PHP_ADD_EXTENSION_DEP(phar, bz2, true) PHP_ADD_EXTENSION_DEP(phar, spl, false) + PHP_ADD_MAKEFILE_FRAGMENT fi diff --git a/ext/phar/phar_internal.h b/ext/phar/phar_internal.h index 86aafd5295..8bbb4ee7f8 100755 --- a/ext/phar/phar_internal.h +++ b/ext/phar/phar_internal.h @@ -264,6 +264,7 @@ typedef enum { pcr_err_up_dir, pcr_err_curr_dir, pcr_err_back_slash, + pcr_err_star, pcr_err_empty_entry } phar_path_check_result; diff --git a/ext/phar/phar_path_check.c b/ext/phar/phar_path_check.c index e647df9647..fba3a5bd32 100755 --- a/ext/phar/phar_path_check.c +++ b/ext/phar/phar_path_check.c @@ -1,4 +1,4 @@ -/* Generated by re2c 0.11.0 on Sun Feb 4 07:53:57 2007 */ +/* Generated by re2c 0.11.0 on Sun Feb 4 11:21:09 2007 */ #line 1 "ext/phar/phar_path_check.re" /* +----------------------------------------------------------------------+ @@ -35,28 +35,28 @@ phar_path_check_result phar_path_check(const char *s, int *len, const char **err loop: { -#line 39 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" +#line 39 "ext/phar/phar_path_check.c" { YYCTYPE yych; if((YYLIMIT - YYCURSOR) < 4) YYFILL(4); yych = *YYCURSOR; - if(yych <= '/') { - if(yych <= 0x09) { - if(yych <= 0x00) goto yy9; - goto yy11; + if(yych <= '.') { + if(yych <= 0x0A) { + if(yych <= 0x00) goto yy11; + if(yych <= 0x09) goto yy13; } else { - if(yych <= 0x0A) goto yy2; - if(yych <= '.') goto yy11; - goto yy3; + if(yych == '*') goto yy7; + goto yy13; } } else { if(yych <= '?') { - if(yych <= '>') goto yy11; - goto yy7; + if(yych <= '/') goto yy3; + if(yych <= '>') goto yy13; + goto yy9; } else { if(yych == '\\') goto yy5; - goto yy11; + goto yy13; } } yy2: @@ -64,16 +64,16 @@ yy2: goto yy4; yy3: yych = *(YYMARKER = ++YYCURSOR); - if(yych <= 0x00) goto yy12; + if(yych <= 0x00) goto yy14; if(yych <= '-') goto yy4; - if(yych <= '.') goto yy14; - if(yych <= '/') goto yy15; + if(yych <= '.') goto yy16; + if(yych <= '/') goto yy17; yy4: -#line 73 "ext/phar/phar_path_check.re" +#line 77 "ext/phar/phar_path_check.re" { goto loop; } -#line 77 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" +#line 77 "ext/phar/phar_path_check.c" yy5: ++YYCURSOR; #line 50 "ext/phar/phar_path_check.re" @@ -81,10 +81,18 @@ yy5: *error = "back-slash"; return pcr_err_back_slash; } -#line 85 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" +#line 85 "ext/phar/phar_path_check.c" yy7: ++YYCURSOR; #line 58 "ext/phar/phar_path_check.re" + { + *error = "star"; + return pcr_err_star; + } +#line 93 "ext/phar/phar_path_check.c" +yy9: + ++YYCURSOR; +#line 62 "ext/phar/phar_path_check.re" { if (*s == '/') { s++; @@ -93,10 +101,10 @@ yy7: *error = NULL; return pcr_use_query; } -#line 97 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" -yy9: +#line 105 "ext/phar/phar_path_check.c" +yy11: ++YYCURSOR; -#line 66 "ext/phar/phar_path_check.re" +#line 70 "ext/phar/phar_path_check.re" { if (*s == '/') { s++; @@ -104,56 +112,56 @@ yy9: *error = NULL; return pcr_is_ok; } -#line 108 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" -yy11: +#line 116 "ext/phar/phar_path_check.c" +yy13: yych = *++YYCURSOR; goto yy4; -yy12: +yy14: ++YYCURSOR; #line 54 "ext/phar/phar_path_check.re" { *error = "empty entry"; return pcr_err_empty_entry; } -#line 119 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" -yy14: +#line 127 "ext/phar/phar_path_check.c" +yy16: yych = *++YYCURSOR; - if(yych <= 0x00) goto yy18; + if(yych <= 0x00) goto yy20; if(yych <= '-') goto yy2; - if(yych <= '.') goto yy17; - if(yych <= '/') goto yy18; + if(yych <= '.') goto yy19; + if(yych <= '/') goto yy20; goto yy2; -yy15: +yy17: ++YYCURSOR; #line 38 "ext/phar/phar_path_check.re" { *error = "double slash"; return pcr_err_double_slash; } -#line 134 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" -yy17: +#line 142 "ext/phar/phar_path_check.c" +yy19: yych = *++YYCURSOR; - if(yych <= 0x00) goto yy20; - if(yych == '/') goto yy20; + if(yych <= 0x00) goto yy22; + if(yych == '/') goto yy22; goto yy2; -yy18: +yy20: ++YYCURSOR; #line 46 "ext/phar/phar_path_check.re" { *error = "current directory reference"; return pcr_err_curr_dir; } -#line 147 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" -yy20: +#line 155 "ext/phar/phar_path_check.c" +yy22: ++YYCURSOR; #line 42 "ext/phar/phar_path_check.re" { *error = "upper directory reference"; return pcr_err_up_dir; } -#line 155 "/usr/src/PHP_5_2/ext/phar/phar_path_check.c" +#line 163 "ext/phar/phar_path_check.c" } } -#line 76 "ext/phar/phar_path_check.re" +#line 80 "ext/phar/phar_path_check.re" } diff --git a/ext/phar/phar_path_check.re b/ext/phar/phar_path_check.re index f7a0f60e62..9f1e7efda3 100755 --- a/ext/phar/phar_path_check.re +++ b/ext/phar/phar_path_check.re @@ -55,6 +55,10 @@ ANY = .; *error = "empty entry"; return pcr_err_empty_entry; } +"*" { + *error = "star"; + return pcr_err_star; + } "?" { if (*s == '/') { s++; -- 2.40.0