Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix GH-16695: phar:// tar parser and zero-length file header blocks #16700

Closed
wants to merge 1 commit into from
Closed

Fix GH-16695: phar:// tar parser and zero-length file header blocks #16700

wants to merge 1 commit into from
+88 −4

Conversation

nielsdos
Copy link
Member

@nielsdos nielsdos commented Nov 4, 2024

There are two issues:

  1. There's an off-by-one in the check for the minimum file size for a
    tar (i.e. > instead of >=).
  2. The loop in the tar parsing parses a header, and then unconditionally
    reads the next one. However, that doesn't necessarily exist.
    Instead, we remove the loop condition and check for the end of the
    file before reading the next header. Note that we can't use
    php_stream_eof as the flag may not be set yet when we're already at
    the end.

@nielsdos nielsdos linked an issue Nov 4, 2024 that may be closed by this pull request
phar:// tar parser and zero-length file header blocks #16695
Closed
@nielsdos nielsdos mentioned this pull request Nov 4, 2024
Closed
hakre
hakre reviewed Nov 4, 2024
View reviewed changes
ext/phar/tests/gh16406 Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nielsdos This one likely does not belong here, right?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, this is an accident, good catch! I've also updated one of the tests and added an extra test according to your suggestion.

@nielsdos
Fix phpGH-16695: phar:// tar parser and zero-length file header blocks
bf6cba4 
There are two issues:
1) There's an off-by-one in the check for the minimum file size for a
   tar (i.e. `>` instead of `>=`).
2) The loop in the tar parsing parses a header, and then unconditionally
   reads the next one. However, that doesn't necessarily exist.
   Instead, we remove the loop condition and check for the end of the
   file before reading the next header. Note that we can't use
   php_stream_eof as the flag may not be set yet when we're already at
   the end.
hakre
hakre reviewed Nov 7, 2024
View reviewed changes
ext/phar/tests/tar/gh16695_1.phpt
Comment on lines +3 to +4
--CREDITS--
hakre
Copy link
Contributor

@hakre hakre Nov 7, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have read this in CONTRIBUTING.md:

For newly created tests, a --CREDITS-- section should no longer be included,
as test authorship is already accurately tracked by Git. If multiple authors
should be credited, the Co-authored-by tag in the commit message may be used.

ref: 7514b5d ("Mention that zend_parse_parameters should not be tested", 2019-07-07)

at least fyi @nielsdos , if you consider this and you need a user/email for the Co-authored-by trailer: Hans Krentel (hakre) <[email protected]>

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I know the CONTRIBUTING doc says that, but I find it a stupid rule because the Co-authored-by tag is not granular. (it's barely a rule imo due to the weak wording). However, a big chunk of the patch is tests of yours so I'll add a Co-authored-by tag upon merging.

hakre
hakre reviewed Nov 7, 2024
View reviewed changes
ext/phar/tar.c
@@ -607,7 +611,7 @@ int phar_parse_tarfile(php_stream* fp, char *fname, size_t fname_len, char *alia
phar_destroy_phar_data(myphar);
return FAILURE;
}
} while (!php_stream_eof(fp));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't it a problem then that the eof test has been removed? Here now 261: pos = php_stream_tell(fp); pos is unchecked for error returns (are there any?; was unchecked before, too).

Probably can be moved to now 258 while (true) { as while (!php_stream_eof(fp)) { ? @nielsdos

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

php_stream_tell(fp) cannot fail.
while (!php_stream_eof(fp)) { won't work because the flag is not set in time, leading to the same issue as before.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nielsdos Thank you for the clarification.

@nielsdos nielsdos requested review from devnexen and Girgias November 9, 2024 09:55
Girgias
Girgias approved these changes Nov 9, 2024
View reviewed changes
Copy link
Member

@Girgias Girgias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks sensible to me

@nielsdos nielsdos closed this in 72c0222 Nov 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devnexen devnexen devnexen left review comments

@hakre hakre hakre left review comments

@Girgias Girgias Girgias approved these changes

Assignees
No one assigned
Labels
Extension: phar
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

phar:// tar parser and zero-length file header blocks
4 participants
@nielsdos @hakre @devnexen @Girgias