prevent direct setting of stub or alias in tar/zip

ext/phar/TODO

@@ -87,7 +87,7 @@ Version 2.0.0
  X don't allow a stub or alias to be added to a .zip/.tar that does not have
    ".phar" in the filename (or already have stub/alias) [Steph]
  X allow read/write on .tar/.zip files that do not contain a stub or alias [Steph]
- * prevent manual addition of stub via $a['.phar/stub.php'] = '<?php my stub';
+ X prevent manual addition of stub via $a['.phar/stub.php'] = '<?php my stub'; [Greg]
  * investigate potential collision between SPL's DirectoryIterator flags and
    those in phar_archive_data
  X compression should work for non-phar archives [Steph]

ext/phar/phar_object.c

@@ -2856,6 +2856,15 @@ PHP_METHOD(Phar, offsetSet)
 		return;
 	}
 
+	if ((phar_obj->arc.archive->is_tar || phar_obj->arc.archive->is_zip) && fname_len == sizeof(".phar/stub.php")-1 && !memcmp(fname, ".phar/stub.php", sizeof(".phar/stub.php")-1)) {
+		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Cannot set stub \".phar/stub.php\" directly in phar \"%s\", use setStub", phar_obj->arc.archive->fname);
+		return;
+	}
+
+	if ((phar_obj->arc.archive->is_tar || phar_obj->arc.archive->is_zip) && fname_len == sizeof(".phar/alias.txt")-1 && !memcmp(fname, ".phar/alias.txt", sizeof(".phar/alias.txt")-1)) {
+		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Cannot set alias \".phar/alias.txt\" directly in phar \"%s\", use setAlias", phar_obj->arc.archive->fname);
+		return;
+	}
 	if (!(data = phar_get_or_create_entry_data(phar_obj->arc.archive->fname, phar_obj->arc.archive->fname_len, fname, fname_len, "w+b", 2, &error TSRMLS_CC))) {
 		if (error) {
 			zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Entry %s does not exist and cannot be created: %s", fname, error);