php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

phar: Reduce code duplication wrt error handling in phar_parse_zipfile()

Browse Source 
The PHAR_ZIP_FAIL and PHAR_ZIP_FAIL_FREE macros are almost the same.
The reason the latter exists is because of a single error path where the
error message is on the heap and needs to be freed. Instead, use a stack
allocated variable for the error message so we can get rid of the
duplicate macro code. This stack variable is big enough as the messages
written by phar_verify_signature() are short.

Closes GH-20144.
This commit is contained in:
Niels Dossche
2025-10-12 12:18:15 +02:00
parent 416386acc4
commit f9aeb9e57c
1 changed files with 4 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
ext/phar/zip.c
View File

@@ -313,28 +313,6 @@ foundit:
entry.is_zip = 1; entry.is_zip = 1;
entry.fp_type = PHAR_FP; entry.fp_type = PHAR_FP;
entry.is_persistent = mydata->is_persistent; entry.is_persistent = mydata->is_persistent;
#define PHAR_ZIP_FAIL_FREE(errmsg, save) \
zend_hash_destroy(&mydata->manifest); \
HT_INVALIDATE(&mydata->manifest); \
zend_hash_destroy(&mydata->mounted_dirs); \
HT_INVALIDATE(&mydata->mounted_dirs); \
zend_hash_destroy(&mydata->virtual_dirs); \
HT_INVALIDATE(&mydata->virtual_dirs); \
php_stream_close(fp); \
phar_metadata_tracker_free(&mydata->metadata_tracker, mydata->is_persistent); \
if (mydata->signature) { \
efree(mydata->signature); \
} \
if (error) { \
spprintf(error, 4096, "phar error: %s in zip-based phar \"%s\"", errmsg, mydata->fname); \
} \
pefree(mydata->fname, mydata->is_persistent); \
if (mydata->alias) { \
pefree(mydata->alias, mydata->is_persistent); \
} \
pefree(mydata, mydata->is_persistent); \
efree(save); \
return FAILURE;
#define PHAR_ZIP_FAIL(errmsg) \ #define PHAR_ZIP_FAIL(errmsg) \
zend_hash_destroy(&mydata->manifest); \ zend_hash_destroy(&mydata->manifest); \
HT_INVALIDATE(&mydata->manifest); \ HT_INVALIDATE(&mydata->manifest); \
@@ -489,14 +467,13 @@ foundit:
mydata->sig_flags = PHAR_GET_32(sig); mydata->sig_flags = PHAR_GET_32(sig);
if (FAILURE == phar_verify_signature(sigfile, php_stream_tell(sigfile), mydata->sig_flags, sig + 8, entry.uncompressed_filesize - 8, fname, &mydata->signature, &sig_len, error)) { if (FAILURE == phar_verify_signature(sigfile, php_stream_tell(sigfile), mydata->sig_flags, sig + 8, entry.uncompressed_filesize - 8, fname, &mydata->signature, &sig_len, error)) {
efree(sig); efree(sig);
php_stream_close(sigfile);
if (error) { if (error) {
char *save; char errmsg[128];
php_stream_close(sigfile); snprintf(errmsg, sizeof(errmsg), "signature cannot be verified: %s", *error);
spprintf(&save, 4096, "signature cannot be verified: %s", *error);
efree(*error); efree(*error);
PHAR_ZIP_FAIL_FREE(save, save); PHAR_ZIP_FAIL(errmsg);
} else { } else {
php_stream_close(sigfile);
PHAR_ZIP_FAIL("signature cannot be verified"); PHAR_ZIP_FAIL("signature cannot be verified");
} }
} }