From 7220c19556cc5d88805e0e8cef6e2f9bfe7daf6d Mon Sep 17 00:00:00 2001
From: Greg Beaver <cellog@php.net>
Date: Mon, 28 Apr 2008 16:44:53 +0000
Subject: [PATCH] fix tar generation - we were subtly corrupting the header
 with \0 because of use of strcpy

---
 ext/phar/phar_object.c | 15 ++++++++-------
 ext/phar/tar.c         | 12 ++++++------
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index fb1c1ff1b7..67992f07f5 100755
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -306,15 +306,10 @@ static int phar_file_action(phar_entry_data *phar, char *mime_type, int code, ch
 
 				zend_try {
 					zend_execute(new_op_array TSRMLS_CC);
-					destroy_op_array(new_op_array TSRMLS_CC);
-					efree(new_op_array);
-					if (!EG(exception)) {
-						if (EG(return_value_ptr_ptr)) {
-							zval_ptr_dtor(EG(return_value_ptr_ptr));
-						}
-					}
 				} zend_catch {
 				} zend_end_try();
+				destroy_op_array(new_op_array TSRMLS_CC);
+				efree(new_op_array);
 				if (PHAR_G(cwd)) {
 					efree(PHAR_G(cwd));
 					PHAR_G(cwd) = NULL;
@@ -322,6 +317,12 @@ static int phar_file_action(phar_entry_data *phar, char *mime_type, int code, ch
 				}
 				PHAR_G(cwd_init) = 0;
 				efree(name);
+				if (EG(return_value_ptr_ptr)) {
+					zval_ptr_dtor(EG(return_value_ptr_ptr));
+				}
+				if (EG(exception)) {
+					zend_throw_exception_internal(NULL TSRMLS_CC);
+				}
 				zend_bailout();
 			}
 			return PHAR_MIME_PHP;
diff --git a/ext/phar/tar.c b/ext/phar/tar.c
index e8dceccac5..3afdc9126b 100644
--- a/ext/phar/tar.c
+++ b/ext/phar/tar.c
@@ -435,7 +435,7 @@ int phar_tar_writeheaders(void *pDest, void *argument TSRMLS_DC)
 		memcpy(header.name, entry->filename, entry->filename_len);
 	}
 	phar_tar_octal(header.mode, entry->flags & PHAR_ENT_PERM_MASK, sizeof(header.mode)-1);
-	if (FAILURE == phar_tar_octal(header.size, entry->uncompressed_filesize, sizeof(header.size))) {
+	if (FAILURE == phar_tar_octal(header.size, entry->uncompressed_filesize, sizeof(header.size)-1)) {
 		if (fp->error) {
 			spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, filename \"%s\" is too large for tar file format", entry->phar->fname, entry->filename);
 		}
@@ -450,13 +450,13 @@ int phar_tar_writeheaders(void *pDest, void *argument TSRMLS_DC)
 	/* calc checksum */
 	header.typeflag = entry->tar_type;
 	if (entry->link) {
-		strcpy(header.linkname, entry->link);
+		strncpy(header.linkname, entry->link, strlen(entry->link));
 	}
-	strcpy(header.magic, "ustar");
-	strcpy(header.version, "00");
-	strcpy(header.checksum, "        ");
+	strncpy(header.magic, "ustar", sizeof("ustar")-1);
+	strncpy(header.version, "00", sizeof("00")-1);
+	strncpy(header.checksum, "        ", sizeof("        ")-1);
 	entry->crc32 = phar_tar_checksum((char *)&header, sizeof(header));
-	if (FAILURE == phar_tar_octal(header.checksum, entry->crc32, sizeof(header.checksum))) {
+	if (FAILURE == phar_tar_octal(header.checksum, entry->crc32, sizeof(header.checksum)-1)) {
 		if (fp->error) {
 			spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, checksum of file \"%s\" is too large for tar file format", entry->phar->fname, entry->filename);
 		}
-- 
2.40.0