Skip to content

Commit c705079

Browse files
cmb69cmb69
committed
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3: Fix #79503: Memory leak on duplicate metadata
2 parents a1a044d + ccca2c4 commit c705079

File tree

4 files changed

+28
-1
lines changed

4 files changed

+28
-1
lines changed

NEWS

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,12 @@ PHP NEWS
2626
. Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes
2727
with <1s timeout). (Joe Cai)
2828

29-
PCRE:
29+
- PCRE:
3030
. Upgraded to PCRE2 10.34. (cmb)
3131

32+
- Phar:
33+
. Fixed bug #79503 (Memory leak on duplicate metadata). (cmb)
34+
3235
- SPL:
3336
. Fixed bug #69264 (__debugInfo() ignored while extending SPL classes). (cmb)
3437
. Fixed bug #67369 (ArrayObject serialization drops the iterator class).

ext/phar/tar.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -181,9 +181,17 @@ static int phar_tar_process_metadata(phar_entry_info *entry, php_stream *fp) /*
181181
}
182182

183183
if (entry->filename_len == sizeof(".phar/.metadata.bin")-1 && !memcmp(entry->filename, ".phar/.metadata.bin", sizeof(".phar/.metadata.bin")-1)) {
184+
if (Z_TYPE(entry->phar->metadata) != IS_UNDEF) {
185+
efree(metadata);
186+
return FAILURE;
187+
}
184188
entry->phar->metadata = entry->metadata;
185189
ZVAL_UNDEF(&entry->metadata);
186190
} else if (entry->filename_len >= sizeof(".phar/.metadata/") + sizeof("/.metadata.bin") - 1 && NULL != (mentry = zend_hash_str_find_ptr(&(entry->phar->manifest), entry->filename + sizeof(".phar/.metadata/") - 1, entry->filename_len - (sizeof("/.metadata.bin") - 1 + sizeof(".phar/.metadata/") - 1)))) {
191+
if (Z_TYPE(mentry->metadata) != IS_UNDEF) {
192+
efree(metadata);
193+
return FAILURE;
194+
}
187195
/* transfer this metadata to the entry it refers */
188196
mentry->metadata = entry->metadata;
189197
ZVAL_UNDEF(&entry->metadata);

ext/phar/tests/bug79503.phar

3.91 KB
Binary file not shown.

ext/phar/tests/bug79503.phpt

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
--TEST--
2+
Bug #79503 (Memory leak on duplicate metadata)
3+
--SKIPIF--
4+
<?php
5+
if (!extension_loaded('phar')) die('skip phar extension not available');
6+
?>
7+
--FILE--
8+
<?php
9+
try {
10+
new Phar(__DIR__ . '/bug79503.phar');
11+
} catch (UnexpectedValueException $ex) {
12+
echo $ex->getMessage();
13+
}
14+
?>
15+
--EXPECTF--
16+
phar error: tar-based phar "%s%ebug79503.phar" has invalid metadata in magic file ".phar/.metadata.bin"

0 commit comments

Comments
 (0)