PageRenderTime 54ms CodeModel.GetById 11ms RepoModel.GetById 0ms app.codeStats 1ms

/ext/phar/zip.c

http://github.com/infusion/PHP
C | 1527 lines | 1184 code | 206 blank | 137 comment | 351 complexity | 45fb05b50bac35a38828532526681b38 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, LGPL-2.1, BSD-3-Clause 
    

  1. /*
    2. 

  2.   +----------------------------------------------------------------------+
    3. 

  3.   | ZIP archive support for Phar                                         |
    4. 

  4.   +----------------------------------------------------------------------+
    5. 

  5.   | Copyright (c) 2007-2011 The PHP Group                                |
    6. 

  6.   +----------------------------------------------------------------------+
    7. 

  7.   | This source file is subject to version 3.01 of the PHP license,      |
    8. 

  8.   | that is bundled with this package in the file LICENSE, and is        |
    9. 

  9.   | available through the world-wide-web at the following url:           |
    10. 

  10.   | http://www.php.net/license/3_01.txt.                                 |
    11. 

  11.   | If you did not receive a copy of the PHP license and are unable to   |
    12. 

  12.   | obtain it through the world-wide-web, please send a note to          |
    13. 

  13.   | license@php.net so we can mail you a copy immediately.               |
    14. 

  14.   +----------------------------------------------------------------------+
    15. 

  15.   | Authors: Gregory Beaver <cellog@php.net>                             |
    16. 

  16.   +----------------------------------------------------------------------+
    17. 

  17. */
    18. 

  18. 

  19. #include "phar_internal.h"
    20. 

  20. 

  21. #define PHAR_GET_16(var) ((php_uint16)((((php_uint16)var[0]) & 0xff) | \
    22. 

  22. 	(((php_uint16)var[1]) & 0xff) << 8))
    23. 

  23. #define PHAR_GET_32(var) ((php_uint32)((((php_uint32)var[0]) & 0xff) | \
    24. 

  24. 	(((php_uint32)var[1]) & 0xff) << 8 | \
    25. 

  25. 	(((php_uint32)var[2]) & 0xff) << 16 | \
    26. 

  26. 	(((php_uint32)var[3]) & 0xff) << 24))
    27. 

  27. static inline void phar_write_32(char buffer[4], php_uint32 value)
    28. 

  28. {
    29. 

  29. 	buffer[3] = (unsigned char) ((value & 0xff000000) >> 24);
    30. 

  30. 	buffer[2] = (unsigned char) ((value & 0xff0000) >> 16);
    31. 

  31. 	buffer[1] = (unsigned char) ((value & 0xff00) >> 8);
    32. 

  32. 	buffer[0] = (unsigned char) (value & 0xff);
    33. 

  33. }
    34. 

  34. static inline void phar_write_16(char buffer[2], php_uint32 value)
    35. 

  35. {
    36. 

  36. 	buffer[1] = (unsigned char) ((value & 0xff00) >> 8);
    37. 

  37. 	buffer[0] = (unsigned char) (value & 0xff);
    38. 

  38. }
    39. 

  39. # define PHAR_SET_32(var, value) phar_write_32(var, (php_uint32) (value));
    40. 

  40. # define PHAR_SET_16(var, value) phar_write_16(var, (php_uint16) (value));
    41. 

  41. 

  42. static int phar_zip_process_extra(php_stream *fp, phar_entry_info *entry, php_uint16 len TSRMLS_DC) /* {{{ */
    43. 

  43. {
    44. 

  44. 	union {
    45. 

  45. 		phar_zip_extra_field_header header;
    46. 

  46. 		phar_zip_unix3 unix3;
    47. 

  47. 	} h;
    48. 

  48. 	int read;
    49. 

  49. 

  50. 	do {
    51. 

  51. 		if (sizeof(h.header) != php_stream_read(fp, (char *) &h.header, sizeof(h.header))) {
    52. 

  52. 			return FAILURE;
    53. 

  53. 		}
    54. 

  54. 

  55. 		if (h.header.tag[0] != 'n' || h.header.tag[1] != 'u') {
    56. 

  56. 			/* skip to next header */
    57. 

  57. 			php_stream_seek(fp, PHAR_GET_16(h.header.size), SEEK_CUR);
    58. 

  58. 			len -= PHAR_GET_16(h.header.size) + 4;
    59. 

  59. 			continue;
    60. 

  60. 		}
    61. 

  61. 

  62. 		/* unix3 header found */
    63. 

  63. 		read = php_stream_read(fp, (char *) &(h.unix3.crc32), sizeof(h.unix3) - sizeof(h.header));
    64. 

  64. 		len -= read + 4;
    65. 

  65. 

  66. 		if (sizeof(h.unix3) - sizeof(h.header) != read) {
    67. 

  67. 			return FAILURE;
    68. 

  68. 		}
    69. 

  69. 

  70. 		if (PHAR_GET_16(h.unix3.size) > sizeof(h.unix3) - 4) {
    71. 

  71. 			/* skip symlink filename - we may add this support in later */
    72. 

  72. 			php_stream_seek(fp, PHAR_GET_16(h.unix3.size) - sizeof(h.unix3.size), SEEK_CUR);
    73. 

  73. 		}
    74. 

  74. 

  75. 		/* set permissions */
    76. 

  76. 		entry->flags &= PHAR_ENT_COMPRESSION_MASK;
    77. 

  77. 

  78. 		if (entry->is_dir) {
    79. 

  79. 			entry->flags |= PHAR_GET_16(h.unix3.perms) & PHAR_ENT_PERM_MASK;
    80. 

  80. 		} else {
    81. 

  81. 			entry->flags |= PHAR_GET_16(h.unix3.perms) & PHAR_ENT_PERM_MASK;
    82. 

  82. 		}
    83. 

  83. 

  84. 	} while (len);
    85. 

  85. 

  86. 	return SUCCESS;
    87. 

  87. }
    88. 

  88. /* }}} */
    89. 

  89. 

  90. /*
    91. 

  91.   extracted from libzip
    92. 

  92.   zip_dirent.c -- read directory entry (local or central), clean dirent
    93. 

  93.   Copyright (C) 1999, 2003, 2004, 2005 Dieter Baron and Thomas Klausner
    94. 

    95. 

  95.   This function is part of libzip, a library to manipulate ZIP archives.
    96. 

  96.   The authors can be contacted at <nih@giga.or.at>
    97. 

    98. 

  98.   Redistribution and use in source and binary forms, with or without
    99. 

  99.   modification, are permitted provided that the following conditions
    100. 

  100.   are met:
    101. 

  101.   1. Redistributions of source code must retain the above copyright
    102. 

  102.      notice, this list of conditions and the following disclaimer.
    103. 

  103.   2. Redistributions in binary form must reproduce the above copyright
    104. 

  104.      notice, this list of conditions and the following disclaimer in
    105. 

  105.      the documentation and/or other materials provided with the
    106. 

  106.      distribution.
    107. 

  107.   3. The names of the authors may not be used to endorse or promote
    108. 

  108.      products derived from this software without specific prior
    109. 

  109.      written permission.
    110. 

    111. 

  111.   THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
    112. 

  112.   OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    113. 

  113.   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    114. 

  114.   ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
    115. 

  115.   DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    116. 

  116.   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
    117. 

  117.   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    118. 

  118.   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
    119. 

  119.   IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
    120. 

  120.   OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
    121. 

  121.   IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    122. 

  122.  */
    123. 

  123. static time_t phar_zip_d2u_time(char *cdtime, char *cddate) /* {{{ */
    124. 

  124. {
    125. 

  125. 	int dtime = PHAR_GET_16(cdtime), ddate = PHAR_GET_16(cddate);
    126. 

  126. 	struct tm *tm, tmbuf;
    127. 

  127. 	time_t now;
    128. 

  128. 

  129. 	now = sapi_get_request_time(TSRMLS_C);
    130. 

  130. 	tm = php_localtime_r(&now, &tmbuf);
    131. 

  131. 

  132. 	tm->tm_year = ((ddate>>9)&127) + 1980 - 1900;
    133. 

  133. 	tm->tm_mon = ((ddate>>5)&15) - 1;
    134. 

  134. 	tm->tm_mday = ddate&31;
    135. 

  135. 

  136. 	tm->tm_hour = (dtime>>11)&31;
    137. 

  137. 	tm->tm_min = (dtime>>5)&63;
    138. 

  138. 	tm->tm_sec = (dtime<<1)&62;
    139. 

  139. 

  140. 	return mktime(tm);
    141. 

  141. }
    142. 

  142. /* }}} */
    143. 

  143. 

  144. static void phar_zip_u2d_time(time_t time, char *dtime, char *ddate) /* {{{ */
    145. 

  145. {
    146. 

  146. 	php_uint16 ctime, cdate;
    147. 

  147. 	struct tm *tm, tmbuf;
    148. 

  148. 

  149. 	tm = php_localtime_r(&time, &tmbuf);
    150. 

  150. 	cdate = ((tm->tm_year+1900-1980)<<9) + ((tm->tm_mon+1)<<5) + tm->tm_mday;
    151. 

  151. 	ctime = ((tm->tm_hour)<<11) + ((tm->tm_min)<<5) + ((tm->tm_sec)>>1);
    152. 

  152. 	PHAR_SET_16(dtime, ctime);
    153. 

  153. 	PHAR_SET_16(ddate, cdate);
    154. 

  154. }
    155. 

  155. /* }}} */
    156. 

  156. 

  157. /**
    158. 

  158.  * Does not check for a previously opened phar in the cache.
    159. 

  159.  *
    160. 

  160.  * Parse a new one and add it to the cache, returning either SUCCESS or
    161. 

  161.  * FAILURE, and setting pphar to the pointer to the manifest entry
    162. 

  162.  * 
    163. 

  163.  * This is used by phar_open_from_fp to process a zip-based phar, but can be called
    164. 

  164.  * directly.
    165. 

  165.  */
    166. 

  166. int phar_parse_zipfile(php_stream *fp, char *fname, int fname_len, char *alias, int alias_len, phar_archive_data** pphar, char **error TSRMLS_DC) /* {{{ */
    167. 

  167. {
    168. 

  168. 	phar_zip_dir_end locator;
    169. 

  169. 	char buf[sizeof(locator) + 65536];
    170. 

  170. 	long size;
    171. 

  171. 	php_uint16 i;
    172. 

  172. 	phar_archive_data *mydata = NULL;
    173. 

  173. 	phar_entry_info entry = {0};
    174. 

  174. 	char *p = buf, *ext, *actual_alias = NULL;
    175. 

  175. 	char *metadata = NULL;
    176. 

  176. 

  177. 	size = php_stream_tell(fp);
    178. 

  178. 

  179. 	if (size > sizeof(locator) + 65536) {
    180. 

  180. 		/* seek to max comment length + end of central directory record */
    181. 

  181. 		size = sizeof(locator) + 65536;
    182. 

  182. 		if (FAILURE == php_stream_seek(fp, -size, SEEK_END)) {
    183. 

  183. 			php_stream_close(fp);
    184. 

  184. 			if (error) {
    185. 

  185. 				spprintf(error, 4096, "phar error: unable to search for end of central directory in zip-based phar \"%s\"", fname);
    186. 

  186. 			}
    187. 

  187. 			return FAILURE;
    188. 

  188. 		}
    189. 

  189. 	} else {
    190. 

  190. 		php_stream_seek(fp, 0, SEEK_SET);
    191. 

  191. 	}
    192. 

  192. 

  193. 	if (!php_stream_read(fp, buf, size)) {
    194. 

  194. 		php_stream_close(fp);
    195. 

  195. 		if (error) {
    196. 

  196. 			spprintf(error, 4096, "phar error: unable to read in data to search for end of central directory in zip-based phar \"%s\"", fname);
    197. 

  197. 		}
    198. 

  198. 		return FAILURE;
    199. 

  199. 	}
    200. 

  200. 

  201. 	while ((p=(char *) memchr(p + 1, 'P', (size_t) (size - (p + 1 - buf)))) != NULL) {
    202. 

  202. 		if (!memcmp(p + 1, "K\5\6", 3)) {
    203. 

  203. 			memcpy((void *)&locator, (void *) p, sizeof(locator));
    204. 

  204. 			if (PHAR_GET_16(locator.centraldisk) != 0 || PHAR_GET_16(locator.disknumber) != 0) {
    205. 

  205. 				/* split archives not handled */
    206. 

  206. 				php_stream_close(fp);
    207. 

  207. 				if (error) {
    208. 

  208. 					spprintf(error, 4096, "phar error: split archives spanning multiple zips cannot be processed in zip-based phar \"%s\"", fname);
    209. 

  209. 				}
    210. 

  210. 				return FAILURE;
    211. 

  211. 			}
    212. 

  212. 

  213. 			if (PHAR_GET_16(locator.counthere) != PHAR_GET_16(locator.count)) {
    214. 

  214. 				if (error) {
    215. 

  215. 					spprintf(error, 4096, "phar error: corrupt zip archive, conflicting file count in end of central directory record in zip-based phar \"%s\"", fname);
    216. 

  216. 				}
    217. 

  217. 				php_stream_close(fp);
    218. 

  218. 				return FAILURE;
    219. 

  219. 			}
    220. 

  220. 

  221. 			mydata = pecalloc(1, sizeof(phar_archive_data), PHAR_G(persist));
    222. 

  222. 			mydata->is_persistent = PHAR_G(persist);
    223. 

  223. 

  224. 			/* read in archive comment, if any */
    225. 

  225. 			if (PHAR_GET_16(locator.comment_len)) {
    226. 

  226. 

  227. 				metadata = p + sizeof(locator);
    228. 

  228. 

  229. 				if (PHAR_GET_16(locator.comment_len) != size - (metadata - buf)) {
    230. 

  230. 					if (error) {
    231. 

  231. 						spprintf(error, 4096, "phar error: corrupt zip archive, zip file comment truncated in zip-based phar \"%s\"", fname);
    232. 

  232. 					}
    233. 

  233. 					php_stream_close(fp);
    234. 

  234. 					pefree(mydata, mydata->is_persistent);
    235. 

  235. 					return FAILURE;
    236. 

  236. 				}
    237. 

  237. 

  238. 				mydata->metadata_len = PHAR_GET_16(locator.comment_len);
    239. 

  239. 

  240. 				if (phar_parse_metadata(&metadata, &mydata->metadata, PHAR_GET_16(locator.comment_len) TSRMLS_CC) == FAILURE) {
    241. 

  241. 					mydata->metadata_len = 0;
    242. 

  242. 					/* if not valid serialized data, it is a regular string */
    243. 

  243. 

  244. 					if (entry.is_persistent) {
    245. 

  245. 						ALLOC_PERMANENT_ZVAL(mydata->metadata);
    246. 

  246. 					} else {
    247. 

  247. 						ALLOC_ZVAL(mydata->metadata);
    248. 

  248. 					}
    249. 

  249. 

  250. 					INIT_ZVAL(*mydata->metadata);
    251. 

  251. 					metadata = pestrndup(metadata, PHAR_GET_16(locator.comment_len), mydata->is_persistent);
    252. 

  252. 					ZVAL_STRINGL(mydata->metadata, metadata, PHAR_GET_16(locator.comment_len), 0);
    253. 

  253. 				}
    254. 

  254. 			} else {
    255. 

  255. 				mydata->metadata = NULL;
    256. 

  256. 			}
    257. 

  257. 

  258. 			goto foundit;
    259. 

  259. 		}
    260. 

  260. 	}
    261. 

  261. 

  262. 	php_stream_close(fp);
    263. 

  263. 

  264. 	if (error) {
    265. 

  265. 		spprintf(error, 4096, "phar error: end of central directory not found in zip-based phar \"%s\"", fname);
    266. 

  266. 	}
    267. 

  267. 

  268. 	return FAILURE;
    269. 

  269. foundit:
    270. 

  270. 	mydata->fname = pestrndup(fname, fname_len, mydata->is_persistent);
    271. 

  271. #ifdef PHP_WIN32
    272. 

  272. 	phar_unixify_path_separators(mydata->fname, fname_len);
    273. 

  273. #endif
    274. 

  274. 	mydata->is_zip = 1;
    275. 

  275. 	mydata->fname_len = fname_len;
    276. 

  276. 	ext = strrchr(mydata->fname, '/');
    277. 

  277. 

  278. 	if (ext) {
    279. 

  279. 		mydata->ext = memchr(ext, '.', (mydata->fname + fname_len) - ext);
    280. 

  280. 		if (mydata->ext == ext) {
    281. 

  281. 			mydata->ext = memchr(ext + 1, '.', (mydata->fname + fname_len) - ext - 1);
    282. 

  282. 		}
    283. 

  283. 		if (mydata->ext) {
    284. 

  284. 			mydata->ext_len = (mydata->fname + fname_len) - mydata->ext;
    285. 

  285. 		}
    286. 

  286. 	}
    287. 

  287. 

  288. 	/* clean up on big-endian systems */
    289. 

  289. 	/* seek to central directory */
    290. 

  290. 	php_stream_seek(fp, PHAR_GET_32(locator.cdir_offset), SEEK_SET);
    291. 

  291. 	/* read in central directory */
    292. 

  292. 	zend_hash_init(&mydata->manifest, PHAR_GET_16(locator.count),
    293. 

  293. 		zend_get_hash_value, destroy_phar_manifest_entry, (zend_bool)mydata->is_persistent);
    294. 

  294. 	zend_hash_init(&mydata->mounted_dirs, 5,
    295. 

  295. 		zend_get_hash_value, NULL, (zend_bool)mydata->is_persistent);
    296. 

  296. 	zend_hash_init(&mydata->virtual_dirs, PHAR_GET_16(locator.count) * 2,
    297. 

  297. 		zend_get_hash_value, NULL, (zend_bool)mydata->is_persistent);
    298. 

  298. 	entry.phar = mydata;
    299. 

  299. 	entry.is_zip = 1;
    300. 

  300. 	entry.fp_type = PHAR_FP;
    301. 

  301. 	entry.is_persistent = mydata->is_persistent;
    302. 

  302. #define PHAR_ZIP_FAIL_FREE(errmsg, save) \
    303. 

  303. 			zend_hash_destroy(&mydata->manifest); \
    304. 

  304. 			mydata->manifest.arBuckets = 0; \
    305. 

  305. 			zend_hash_destroy(&mydata->mounted_dirs); \
    306. 

  306. 			mydata->mounted_dirs.arBuckets = 0; \
    307. 

  307. 			zend_hash_destroy(&mydata->virtual_dirs); \
    308. 

  308. 			mydata->virtual_dirs.arBuckets = 0; \
    309. 

  309. 			php_stream_close(fp); \
    310. 

  310. 			if (mydata->metadata) { \
    311. 

  311. 				zval_dtor(mydata->metadata); \
    312. 

  312. 			} \
    313. 

  313. 			if (mydata->signature) { \
    314. 

  314. 				efree(mydata->signature); \
    315. 

  315. 			} \
    316. 

  316. 			if (error) { \
    317. 

  317. 				spprintf(error, 4096, "phar error: %s in zip-based phar \"%s\"", errmsg, mydata->fname); \
    318. 

  318. 			} \
    319. 

  319. 			pefree(mydata->fname, mydata->is_persistent); \
    320. 

  320. 			if (mydata->alias) { \
    321. 

  321. 				pefree(mydata->alias, mydata->is_persistent); \
    322. 

  322. 			} \
    323. 

  323. 			pefree(mydata, mydata->is_persistent); \
    324. 

  324. 			efree(save); \
    325. 

  325. 			return FAILURE;
    326. 

  326. #define PHAR_ZIP_FAIL(errmsg) \
    327. 

  327. 			zend_hash_destroy(&mydata->manifest); \
    328. 

  328. 			mydata->manifest.arBuckets = 0; \
    329. 

  329. 			zend_hash_destroy(&mydata->mounted_dirs); \
    330. 

  330. 			mydata->mounted_dirs.arBuckets = 0; \
    331. 

  331. 			zend_hash_destroy(&mydata->virtual_dirs); \
    332. 

  332. 			mydata->virtual_dirs.arBuckets = 0; \
    333. 

  333. 			php_stream_close(fp); \
    334. 

  334. 			if (mydata->metadata) { \
    335. 

  335. 				zval_dtor(mydata->metadata); \
    336. 

  336. 			} \
    337. 

  337. 			if (mydata->signature) { \
    338. 

  338. 				efree(mydata->signature); \
    339. 

  339. 			} \
    340. 

  340. 			if (error) { \
    341. 

  341. 				spprintf(error, 4096, "phar error: %s in zip-based phar \"%s\"", errmsg, mydata->fname); \
    342. 

  342. 			} \
    343. 

  343. 			pefree(mydata->fname, mydata->is_persistent); \
    344. 

  344. 			if (mydata->alias) { \
    345. 

  345. 				pefree(mydata->alias, mydata->is_persistent); \
    346. 

  346. 			} \
    347. 

  347. 			pefree(mydata, mydata->is_persistent); \
    348. 

  348. 			return FAILURE;
    349. 

  349. 

  350. 	/* add each central directory item to the manifest */
    351. 

  351. 	for (i = 0; i < PHAR_GET_16(locator.count); ++i) {
    352. 

  352. 		phar_zip_central_dir_file zipentry;
    353. 

  353. 		off_t beforeus = php_stream_tell(fp);
    354. 

  354. 

  355. 		if (sizeof(zipentry) != php_stream_read(fp, (char *) &zipentry, sizeof(zipentry))) {
    356. 

  356. 			PHAR_ZIP_FAIL("unable to read central directory entry, truncated");
    357. 

  357. 		}
    358. 

  358. 

  359. 		/* clean up for bigendian systems */
    360. 

  360. 		if (memcmp("PK\1\2", zipentry.signature, 4)) {
    361. 

  361. 			/* corrupted entry */
    362. 

  362. 			PHAR_ZIP_FAIL("corrupted central directory entry, no magic signature");
    363. 

  363. 		}
    364. 

  364. 

  365. 		if (entry.is_persistent) {
    366. 

  366. 			entry.manifest_pos = i;
    367. 

  367. 		}
    368. 

  368. 

  369. 		entry.compressed_filesize = PHAR_GET_32(zipentry.compsize);
    370. 

  370. 		entry.uncompressed_filesize = PHAR_GET_32(zipentry.uncompsize);
    371. 

  371. 		entry.crc32 = PHAR_GET_32(zipentry.crc32);
    372. 

  372. 		/* do not PHAR_GET_16 either on the next line */
    373. 

  373. 		entry.timestamp = phar_zip_d2u_time(zipentry.timestamp, zipentry.datestamp);
    374. 

  374. 		entry.flags = PHAR_ENT_PERM_DEF_FILE;
    375. 

  375. 		entry.header_offset = PHAR_GET_32(zipentry.offset);
    376. 

  376. 		entry.offset = entry.offset_abs = PHAR_GET_32(zipentry.offset) + sizeof(phar_zip_file_header) + PHAR_GET_16(zipentry.filename_len) +
    377. 

  377. 			PHAR_GET_16(zipentry.extra_len);
    378. 

  378. 

  379. 		if (PHAR_GET_16(zipentry.flags) & PHAR_ZIP_FLAG_ENCRYPTED) {
    380. 

  380. 			PHAR_ZIP_FAIL("Cannot process encrypted zip files");
    381. 

  381. 		}
    382. 

  382. 

  383. 		if (!PHAR_GET_16(zipentry.filename_len)) {
    384. 

  384. 			PHAR_ZIP_FAIL("Cannot process zips created from stdin (zero-length filename)");
    385. 

  385. 		}
    386. 

  386. 

  387. 		entry.filename_len = PHAR_GET_16(zipentry.filename_len);
    388. 

  388. 		entry.filename = (char *) pemalloc(entry.filename_len + 1, entry.is_persistent);
    389. 

  389. 

  390. 		if (entry.filename_len != php_stream_read(fp, entry.filename, entry.filename_len)) {
    391. 

  391. 			pefree(entry.filename, entry.is_persistent);
    392. 

  392. 			PHAR_ZIP_FAIL("unable to read in filename from central directory, truncated");
    393. 

  393. 		}
    394. 

  394. 

  395. 		entry.filename[entry.filename_len] = '\0';
    396. 

  396. 

  397. 		if (entry.filename[entry.filename_len - 1] == '/') {
    398. 

  398. 			entry.is_dir = 1;
    399. 

  399. 			entry.filename_len--;
    400. 

  400. 			entry.flags |= PHAR_ENT_PERM_DEF_DIR;
    401. 

  401. 		} else {
    402. 

  402. 			entry.is_dir = 0;
    403. 

  403. 		}
    404. 

  404. 

  405. 		if (entry.filename_len == sizeof(".phar/signature.bin")-1 && !strncmp(entry.filename, ".phar/signature.bin", sizeof(".phar/signature.bin")-1)) {
    406. 

  406. 			size_t read;
    407. 

  407. 			php_stream *sigfile;
    408. 

  408. 			off_t now;
    409. 

  409. 			char *sig;
    410. 

  410. 

  411. 			now = php_stream_tell(fp);
    412. 

  412. 			pefree(entry.filename, entry.is_persistent);
    413. 

  413. 			sigfile = php_stream_fopen_tmpfile();
    414. 

  414. 

  415. 			php_stream_seek(fp, 0, SEEK_SET);
    416. 

  416. 			/* copy file contents + local headers and zip comment, if any, to be hashed for signature */
    417. 

  417. 			phar_stream_copy_to_stream(fp, sigfile, entry.header_offset, NULL);
    418. 

  418. 			/* seek to central directory */
    419. 

  419. 			php_stream_seek(fp, PHAR_GET_32(locator.cdir_offset), SEEK_SET);
    420. 

  420. 			/* copy central directory header */
    421. 

  421. 			phar_stream_copy_to_stream(fp, sigfile, beforeus - PHAR_GET_32(locator.cdir_offset), NULL);
    422. 

  422. 			if (metadata) {
    423. 

  423. 				php_stream_write(sigfile, metadata, PHAR_GET_16(locator.comment_len));
    424. 

  424. 			}
    425. 

  425. 			php_stream_seek(fp, sizeof(phar_zip_file_header) + entry.header_offset + entry.filename_len + PHAR_GET_16(zipentry.extra_len), SEEK_SET);
    426. 

  426. 			sig = (char *) emalloc(entry.uncompressed_filesize);
    427. 

  427. 			read = php_stream_read(fp, sig, entry.uncompressed_filesize);
    428. 

  428. 			if (read != entry.uncompressed_filesize) {
    429. 

  429. 				php_stream_close(sigfile);
    430. 

  430. 				efree(sig);
    431. 

  431. 				PHAR_ZIP_FAIL("signature cannot be read");
    432. 

  432. 			}
    433. 

  433. 			mydata->sig_flags = PHAR_GET_32(sig);
    434. 

  434. 			if (FAILURE == phar_verify_signature(sigfile, php_stream_tell(sigfile), mydata->sig_flags, sig + 8, entry.uncompressed_filesize - 8, fname, &mydata->signature, &mydata->sig_len, error TSRMLS_CC)) {
    435. 

  435. 				efree(sig);
    436. 

  436. 				if (error) {
    437. 

  437. 					char *save;
    438. 

  438. 					php_stream_close(sigfile);
    439. 

  439. 					spprintf(&save, 4096, "signature cannot be verified: %s", *error);
    440. 

  440. 					efree(*error);
    441. 

  441. 					PHAR_ZIP_FAIL_FREE(save, save);
    442. 

  442. 				} else {
    443. 

  443. 					php_stream_close(sigfile);
    444. 

  444. 					PHAR_ZIP_FAIL("signature cannot be verified");
    445. 

  445. 				}
    446. 

  446. 			}
    447. 

  447. 			php_stream_close(sigfile);
    448. 

  448. 			efree(sig);
    449. 

  449. 			/* signature checked out, let's ensure this is the last file in the phar */
    450. 

  450. 			if (i != PHAR_GET_16(locator.count) - 1) {
    451. 

  451. 				PHAR_ZIP_FAIL("entries exist after signature, invalid phar");
    452. 

  452. 			}
    453. 

  453. 

  454. 			continue;
    455. 

  455. 		}
    456. 

  456. 

  457. 		phar_add_virtual_dirs(mydata, entry.filename, entry.filename_len TSRMLS_CC);
    458. 

  458. 

  459. 		if (PHAR_GET_16(zipentry.extra_len)) {
    460. 

  460. 			off_t loc = php_stream_tell(fp);
    461. 

  461. 			if (FAILURE == phar_zip_process_extra(fp, &entry, PHAR_GET_16(zipentry.extra_len) TSRMLS_CC)) {
    462. 

  462. 				pefree(entry.filename, entry.is_persistent);
    463. 

  463. 				PHAR_ZIP_FAIL("Unable to process extra field header for file in central directory");
    464. 

  464. 			}
    465. 

  465. 			php_stream_seek(fp, loc + PHAR_GET_16(zipentry.extra_len), SEEK_SET);
    466. 

  466. 		}
    467. 

  467. 

  468. 		switch (PHAR_GET_16(zipentry.compressed)) {
    469. 

  469. 			case PHAR_ZIP_COMP_NONE :
    470. 

  470. 				/* compression flag already set */
    471. 

  471. 				break;
    472. 

  472. 			case PHAR_ZIP_COMP_DEFLATE :
    473. 

  473. 				entry.flags |= PHAR_ENT_COMPRESSED_GZ;
    474. 

  474. 				if (!PHAR_G(has_zlib)) {
    475. 

  475. 					pefree(entry.filename, entry.is_persistent);
    476. 

  476. 					PHAR_ZIP_FAIL("zlib extension is required");
    477. 

  477. 				}
    478. 

  478. 				break;
    479. 

  479. 			case PHAR_ZIP_COMP_BZIP2 :
    480. 

  480. 				entry.flags |= PHAR_ENT_COMPRESSED_BZ2;
    481. 

  481. 				if (!PHAR_G(has_bz2)) {
    482. 

  482. 					pefree(entry.filename, entry.is_persistent);
    483. 

  483. 					PHAR_ZIP_FAIL("bzip2 extension is required");
    484. 

  484. 				}
    485. 

  485. 				break;
    486. 

  486. 			case 1 :
    487. 

  487. 				pefree(entry.filename, entry.is_persistent);
    488. 

  488. 				PHAR_ZIP_FAIL("unsupported compression method (Shrunk) used in this zip");
    489. 

  489. 			case 2 :
    490. 

  490. 			case 3 :
    491. 

  491. 			case 4 :
    492. 

  492. 			case 5 :
    493. 

  493. 				pefree(entry.filename, entry.is_persistent);
    494. 

  494. 				PHAR_ZIP_FAIL("unsupported compression method (Reduce) used in this zip");
    495. 

  495. 			case 6 :
    496. 

  496. 				pefree(entry.filename, entry.is_persistent);
    497. 

  497. 				PHAR_ZIP_FAIL("unsupported compression method (Implode) used in this zip");
    498. 

  498. 			case 7 :
    499. 

  499. 				pefree(entry.filename, entry.is_persistent);
    500. 

  500. 				PHAR_ZIP_FAIL("unsupported compression method (Tokenize) used in this zip");
    501. 

  501. 			case 9 :
    502. 

  502. 				pefree(entry.filename, entry.is_persistent);
    503. 

  503. 				PHAR_ZIP_FAIL("unsupported compression method (Deflate64) used in this zip");
    504. 

  504. 			case 10 :
    505. 

  505. 				pefree(entry.filename, entry.is_persistent);
    506. 

  506. 				PHAR_ZIP_FAIL("unsupported compression method (PKWare Implode/old IBM TERSE) used in this zip");
    507. 

  507. 			case 14 :
    508. 

  508. 				pefree(entry.filename, entry.is_persistent);
    509. 

  509. 				PHAR_ZIP_FAIL("unsupported compression method (LZMA) used in this zip");
    510. 

  510. 			case 18 :
    511. 

  511. 				pefree(entry.filename, entry.is_persistent);
    512. 

  512. 				PHAR_ZIP_FAIL("unsupported compression method (IBM TERSE) used in this zip");
    513. 

  513. 			case 19 :
    514. 

  514. 				pefree(entry.filename, entry.is_persistent);
    515. 

  515. 				PHAR_ZIP_FAIL("unsupported compression method (IBM LZ77) used in this zip");
    516. 

  516. 			case 97 :
    517. 

  517. 				pefree(entry.filename, entry.is_persistent);
    518. 

  518. 				PHAR_ZIP_FAIL("unsupported compression method (WavPack) used in this zip");
    519. 

  519. 			case 98 :
    520. 

  520. 				pefree(entry.filename, entry.is_persistent);
    521. 

  521. 				PHAR_ZIP_FAIL("unsupported compression method (PPMd) used in this zip");
    522. 

  522. 			default :
    523. 

  523. 				pefree(entry.filename, entry.is_persistent);
    524. 

  524. 				PHAR_ZIP_FAIL("unsupported compression method (unknown) used in this zip");
    525. 

  525. 		}
    526. 

  526. 

  527. 		/* get file metadata */
    528. 

  528. 		if (PHAR_GET_16(zipentry.comment_len)) {
    529. 

  529. 			if (PHAR_GET_16(zipentry.comment_len) != php_stream_read(fp, buf, PHAR_GET_16(zipentry.comment_len))) {
    530. 

  530. 				pefree(entry.filename, entry.is_persistent);
    531. 

  531. 				PHAR_ZIP_FAIL("unable to read in file comment, truncated");
    532. 

  532. 			}
    533. 

  533. 

  534. 			p = buf;
    535. 

  535. 			entry.metadata_len = PHAR_GET_16(zipentry.comment_len);
    536. 

  536. 

  537. 			if (phar_parse_metadata(&p, &(entry.metadata), PHAR_GET_16(zipentry.comment_len) TSRMLS_CC) == FAILURE) {
    538. 

  538. 				entry.metadata_len = 0;
    539. 

  539. 				/* if not valid serialized data, it is a regular string */
    540. 

  540. 

  541. 				if (entry.is_persistent) {
    542. 

  542. 					ALLOC_PERMANENT_ZVAL(entry.metadata);
    543. 

  543. 				} else {
    544. 

  544. 					ALLOC_ZVAL(entry.metadata);
    545. 

  545. 				}
    546. 

  546. 

  547. 				INIT_ZVAL(*entry.metadata);
    548. 

  548. 				ZVAL_STRINGL(entry.metadata, pestrndup(buf, PHAR_GET_16(zipentry.comment_len), entry.is_persistent), PHAR_GET_16(zipentry.comment_len), 0);
    549. 

  549. 			}
    550. 

  550. 		} else {
    551. 

  551. 			entry.metadata = NULL;
    552. 

  552. 		}
    553. 

  553. 

  554. 		if (!actual_alias && entry.filename_len == sizeof(".phar/alias.txt")-1 && !strncmp(entry.filename, ".phar/alias.txt", sizeof(".phar/alias.txt")-1)) {
    555. 

  555. 			php_stream_filter *filter;
    556. 

  556. 			off_t saveloc;
    557. 

  557. 			/* verify local file header */
    558. 

  558. 			phar_zip_file_header local;
    559. 

  559. 

  560. 			/* archive alias found */
    561. 

  561. 			saveloc = php_stream_tell(fp);
    562. 

  562. 			php_stream_seek(fp, PHAR_GET_32(zipentry.offset), SEEK_SET);
    563. 

  563. 

  564. 			if (sizeof(local) != php_stream_read(fp, (char *) &local, sizeof(local))) {
    565. 

  565. 				pefree(entry.filename, entry.is_persistent);
    566. 

  566. 				PHAR_ZIP_FAIL("phar error: internal corruption of zip-based phar (cannot read local file header for alias)");
    567. 

  567. 			}
    568. 

  568. 

  569. 			/* verify local header */
    570. 

  570. 			if (entry.filename_len != PHAR_GET_16(local.filename_len) || entry.crc32 != PHAR_GET_32(local.crc32) || entry.uncompressed_filesize != PHAR_GET_32(local.uncompsize) || entry.compressed_filesize != PHAR_GET_32(local.compsize)) {
    571. 

  571. 				pefree(entry.filename, entry.is_persistent);
    572. 

  572. 				PHAR_ZIP_FAIL("phar error: internal corruption of zip-based phar (local header of alias does not match central directory)");
    573. 

  573. 			}
    574. 

  574. 

  575. 			/* construct actual offset to file start - local extra_len can be different from central extra_len */
    576. 

  576. 			entry.offset = entry.offset_abs =
    577. 

  577. 				sizeof(local) + entry.header_offset + PHAR_GET_16(local.filename_len) + PHAR_GET_16(local.extra_len);
    578. 

  578. #if PHP_VERSION_ID < 50207
    579. 

  579. 			/* work around Bug #46147 */
    580. 

  580. 			fp->writepos = fp->readpos = 0;
    581. 

  581. #endif
    582. 

  582. 			php_stream_seek(fp, entry.offset, SEEK_SET);
    583. 

  583. 			/* these next lines should be for php < 5.2.6 after 5.3 filters are fixed */
    584. 

  584. 			fp->writepos = 0;
    585. 

  585. 			fp->readpos = 0;
    586. 

  586. 			php_stream_seek(fp, entry.offset, SEEK_SET);
    587. 

  587. 			fp->writepos = 0;
    588. 

  588. 			fp->readpos = 0;
    589. 

  589. 			/* the above lines should be for php < 5.2.6 after 5.3 filters are fixed */
    590. 

  590. 

  591. 			mydata->alias_len = entry.uncompressed_filesize;
    592. 

  592. 

  593. 			if (entry.flags & PHAR_ENT_COMPRESSED_GZ) {
    594. 

  594. 				filter = php_stream_filter_create("zlib.inflate", NULL, php_stream_is_persistent(fp) TSRMLS_CC);
    595. 

  595. 

  596. 				if (!filter) {
    597. 

  597. 					pefree(entry.filename, entry.is_persistent);
    598. 

  598. 					PHAR_ZIP_FAIL("unable to decompress alias, zlib filter creation failed");
    599. 

  599. 				}
    600. 

  600. 

  601. 				php_stream_filter_append(&fp->readfilters, filter);
    602. 

  602. 

  603. #if PHP_MAJOR_VERSION >= 6
    604. 

  604. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, (void **) &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    605. 

  605. #else
    606. 

  606. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    607. 

  607. #endif
    608. 

  608. 					pefree(entry.filename, entry.is_persistent);
    609. 

  609. #if PHP_VERSION_ID < 50207
    610. 

  610. 					PHAR_ZIP_FAIL("unable to read in alias, truncated (PHP 5.2.7 and newer has a potential fix for this problem)");
    611. 

  611. #endif
    612. 

  612. 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
    613. 

  613. 				}
    614. 

  614. 

  615. 				php_stream_filter_flush(filter, 1);
    616. 

  616. 				php_stream_filter_remove(filter, 1 TSRMLS_CC);
    617. 

  617. 

  618. 			} else if (entry.flags & PHAR_ENT_COMPRESSED_BZ2) {
    619. 

  619. 				filter = php_stream_filter_create("bzip2.decompress", NULL, php_stream_is_persistent(fp) TSRMLS_CC);
    620. 

  620. 

  621. 				if (!filter) {
    622. 

  622. 					pefree(entry.filename, entry.is_persistent);
    623. 

  623. 					PHAR_ZIP_FAIL("unable to read in alias, bzip2 filter creation failed");
    624. 

  624. 				}
    625. 

  625. 

  626. 				php_stream_filter_append(&fp->readfilters, filter);
    627. 

  627. 

  628. #if PHP_MAJOR_VERSION >= 6
    629. 

  629. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, (void **) &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    630. 

  630. #else
    631. 

  631. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    632. 

  632. #endif
    633. 

  633. 					pefree(entry.filename, entry.is_persistent);
    634. 

  634. #if PHP_VERSION_ID < 50207
    635. 

  635. 					PHAR_ZIP_FAIL("unable to read in alias, truncated (PHP 5.2.7 and newer has a potential fix for this problem)");
    636. 

  636. #endif
    637. 

  637. 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
    638. 

  638. 				}
    639. 

  639. 

  640. 				php_stream_filter_flush(filter, 1);
    641. 

  641. 				php_stream_filter_remove(filter, 1 TSRMLS_CC);
    642. 

  642. 			} else {
    643. 

  643. #if PHP_MAJOR_VERSION >= 6
    644. 

  644. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, (void **) &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    645. 

  645. #else
    646. 

  646. 				if (!(entry.uncompressed_filesize = php_stream_copy_to_mem(fp, &actual_alias, entry.uncompressed_filesize, 0)) || !actual_alias) {
    647. 

  647. #endif
    648. 

  648. 					pefree(entry.filename, entry.is_persistent);
    649. 

  649. 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
    650. 

  650. 				}
    651. 

  651. 			}
    652. 

  652. 

  653. 			/* return to central directory parsing */
    654. 

  654. 			php_stream_seek(fp, saveloc, SEEK_SET);
    655. 

  655. 		}
    656. 

  656. 

  657. 		phar_set_inode(&entry TSRMLS_CC);
    658. 

  658. 		zend_hash_add(&mydata->manifest, entry.filename, entry.filename_len, (void *)&entry,sizeof(phar_entry_info), NULL);
    659. 

  659. 	}
    660. 

  660. 

  661. 	mydata->fp = fp;
    662. 

  662. 

  663. 	if (zend_hash_exists(&(mydata->manifest), ".phar/stub.php", sizeof(".phar/stub.php")-1)) {
    664. 

  664. 		mydata->is_data = 0;
    665. 

  665. 	} else {
    666. 

  666. 		mydata->is_data = 1;
    667. 

  667. 	}
    668. 

  668. 

  669. 	zend_hash_add(&(PHAR_GLOBALS->phar_fname_map), mydata->fname, fname_len, (void*)&mydata, sizeof(phar_archive_data*), NULL);
    670. 

  670. 

  671. 	if (actual_alias) {
    672. 

  672. 		phar_archive_data **fd_ptr;
    673. 

  673. 

  674. 		if (!phar_validate_alias(actual_alias, mydata->alias_len)) {
    675. 

  675. 			if (error) {
    676. 

  676. 				spprintf(error, 4096, "phar error: invalid alias \"%s\" in zip-based phar \"%s\"", actual_alias, fname);
    677. 

  677. 			}
    678. 

  678. 			efree(actual_alias);
    679. 

  679. 			zend_hash_del(&(PHAR_GLOBALS->phar_fname_map), mydata->fname, fname_len);
    680. 

  680. 			return FAILURE;
    681. 

  681. 		}
    682. 

  682. 

  683. 		mydata->is_temporary_alias = 0;
    684. 

  684. 

  685. 		if (SUCCESS == zend_hash_find(&(PHAR_GLOBALS->phar_alias_map), actual_alias, mydata->alias_len, (void **)&fd_ptr)) {
    686. 

  686. 			if (SUCCESS != phar_free_alias(*fd_ptr, actual_alias, mydata->alias_len TSRMLS_CC)) {
    687. 

  687. 				if (error) {
    688. 

  688. 					spprintf(error, 4096, "phar error: Unable to add zip-based phar \"%s\" with implicit alias, alias is already in use", fname);
    689. 

  689. 				}
    690. 

  690. 				efree(actual_alias);
    691. 

  691. 				zend_hash_del(&(PHAR_GLOBALS->phar_fname_map), mydata->fname, fname_len);
    692. 

  692. 				return FAILURE;
    693. 

  693. 			}
    694. 

  694. 		}
    695. 

  695. 

  696. 		mydata->alias = entry.is_persistent ? pestrndup(actual_alias, mydata->alias_len, 1) : actual_alias;
    697. 

  697. 

  698. 		if (entry.is_persistent) {
    699. 

  699. 			efree(actual_alias);
    700. 

  700. 		}
    701. 

  701. 

  702. 		zend_hash_add(&(PHAR_GLOBALS->phar_alias_map), actual_alias, mydata->alias_len, (void*)&mydata, sizeof(phar_archive_data*), NULL);
    703. 

  703. 	} else {
    704. 

  704. 		phar_archive_data **fd_ptr;
    705. 

  705. 

  706. 		if (alias_len) {
    707. 

  707. 			if (SUCCESS == zend_hash_find(&(PHAR_GLOBALS->phar_alias_map), alias, alias_len, (void **)&fd_ptr)) {
    708. 

  708. 				if (SUCCESS != phar_free_alias(*fd_ptr, alias, alias_len TSRMLS_CC)) {
    709. 

  709. 					if (error) {
    710. 

  710. 						spprintf(error, 4096, "phar error: Unable to add zip-based phar \"%s\" with explicit alias, alias is already in use", fname);
    711. 

  711. 					}
    712. 

  712. 					zend_hash_del(&(PHAR_GLOBALS->phar_fname_map), mydata->fname, fname_len);
    713. 

  713. 					return FAILURE;
    714. 

  714. 				}
    715. 

  715. 			}
    716. 

  716. 

  717. 			zend_hash_add(&(PHAR_GLOBALS->phar_alias_map), actual_alias, mydata->alias_len, (void*)&mydata, sizeof(phar_archive_data*), NULL);
    718. 

  718. 			mydata->alias = pestrndup(alias, alias_len, mydata->is_persistent);
    719. 

  719. 			mydata->alias_len = alias_len;
    720. 

  720. 		} else {
    721. 

  721. 			mydata->alias = pestrndup(mydata->fname, fname_len, mydata->is_persistent);
    722. 

  722. 			mydata->alias_len = fname_len;
    723. 

  723. 		}
    724. 

  724. 

  725. 		mydata->is_temporary_alias = 1;
    726. 

  726. 	}
    727. 

  727. 

  728. 	if (pphar) {
    729. 

  729. 		*pphar = mydata;
    730. 

  730. 	}
    731. 

  731. 

  732. 	return SUCCESS;
    733. 

  733. }
    734. 

  734. /* }}} */
    735. 

  735. 

  736. /**
    737. 

  737.  * Create or open a zip-based phar for writing
    738. 

  738.  */
    739. 

  739. int phar_open_or_create_zip(char *fname, int fname_len, char *alias, int alias_len, int is_data, int options, phar_archive_data** pphar, char **error TSRMLS_DC) /* {{{ */
    740. 

  740. {
    741. 

  741. 	phar_archive_data *phar;
    742. 

  742. 	int ret = phar_create_or_parse_filename(fname, fname_len, alias, alias_len, is_data, options, &phar, error TSRMLS_CC);
    743. 

  743. 

  744. 	if (FAILURE == ret) {
    745. 

  745. 		return FAILURE;
    746. 

  746. 	}
    747. 

  747. 

  748. 	if (pphar) {
    749. 

  749. 		*pphar = phar;
    750. 

  750. 	}
    751. 

  751. 

  752. 	phar->is_data = is_data;
    753. 

  753. 

  754. 	if (phar->is_zip) {
    755. 

  755. 		return ret;
    756. 

  756. 	}
    757. 

  757. 

  758. 	if (phar->is_brandnew) {
    759. 

  759. 		phar->internal_file_start = 0;
    760. 

  760. 		phar->is_zip = 1;
    761. 

  761. 		phar->is_tar = 0;
    762. 

  762. 		return SUCCESS;
    763. 

  763. 	}
    764. 

  764. 

  765. 	/* we've reached here - the phar exists and is a regular phar */
    766. 

  766. 	if (error) {
    767. 

  767. 		spprintf(error, 4096, "phar zip error: phar \"%s\" already exists as a regular phar and must be deleted from disk prior to creating as a zip-based phar", fname);
    768. 

  768. 	}
    769. 

  769. 

  770. 	return FAILURE;
    771. 

  771. }
    772. 

  772. /* }}} */
    773. 

  773. 

  774. struct _phar_zip_pass {
    775. 

  775. 	php_stream *filefp;
    776. 

  776. 	php_stream *centralfp;
    777. 

  777. 	php_stream *old;
    778. 

  778. 	int free_fp;
    779. 

  779. 	int free_ufp;
    780. 

  780. 	char **error;
    781. 

  781. };
    782. 

  782. /* perform final modification of zip contents for each file in the manifest before saving */
    783. 

  783. static int phar_zip_changed_apply(void *data, void *arg TSRMLS_DC) /* {{{ */
    784. 

  784. {
    785. 

  785. 	phar_entry_info *entry;
    786. 

  786. 	phar_zip_file_header local;
    787. 

  787. 	phar_zip_unix3 perms;
    788. 

  788. 	phar_zip_central_dir_file central;
    789. 

  789. 	struct _phar_zip_pass *p;
    790. 

  790. 	php_uint32 newcrc32;
    791. 

  791. 	off_t offset;
    792. 

  792. 	int not_really_modified = 0;
    793. 

  793. 	entry = (phar_entry_info *)data;
    794. 

  794. 	p = (struct _phar_zip_pass*) arg;
    795. 

  795. 

  796. 	if (entry->is_mounted) {
    797. 

  797. 		return ZEND_HASH_APPLY_KEEP;
    798. 

  798. 	}
    799. 

  799. 

  800. 	if (entry->is_deleted) {
    801. 

  801. 		if (entry->fp_refcount <= 0) {
    802. 

  802. 			return ZEND_HASH_APPLY_REMOVE;
    803. 

  803. 		} else {
    804. 

  804. 			/* we can't delete this in-memory until it is closed */
    805. 

  805. 			return ZEND_HASH_APPLY_KEEP;
    806. 

  806. 		}
    807. 

  807. 	}
    808. 

  808. 

  809. 	phar_add_virtual_dirs(entry->phar, entry->filename, entry->filename_len TSRMLS_CC);
    810. 

  810. 	memset(&local, 0, sizeof(local));
    811. 

  811. 	memset(&central, 0, sizeof(central));
    812. 

  812. 	memset(&perms, 0, sizeof(perms));
    813. 

  813. 	strncpy(local.signature, "PK\3\4", 4);
    814. 

  814. 	strncpy(central.signature, "PK\1\2", 4);
    815. 

  815. 	PHAR_SET_16(central.extra_len, sizeof(perms));
    816. 

  816. 	PHAR_SET_16(local.extra_len, sizeof(perms));
    817. 

  817. 	perms.tag[0] = 'n';
    818. 

  818. 	perms.tag[1] = 'u';
    819. 

  819. 	PHAR_SET_16(perms.size, sizeof(perms) - 4);
    820. 

  820. 	PHAR_SET_16(perms.perms, entry->flags & PHAR_ENT_PERM_MASK);
    821. 

  821. 	{
    822. 

  822. 		php_uint32 crc = (php_uint32) ~0;
    823. 

  823. 		CRC32(crc, perms.perms[0]);
    824. 

  824. 		CRC32(crc, perms.perms[1]);
    825. 

  825. 		PHAR_SET_32(perms.crc32, ~crc);
    826. 

  826. 	}
    827. 

  827. 

  828. 	if (entry->flags & PHAR_ENT_COMPRESSED_GZ) {
    829. 

  829. 		PHAR_SET_16(central.compressed, PHAR_ZIP_COMP_DEFLATE);
    830. 

  830. 		PHAR_SET_16(local.compressed, PHAR_ZIP_COMP_DEFLATE);
    831. 

  831. 	}
    832. 

  832. 

  833. 	if (entry->flags & PHAR_ENT_COMPRESSED_BZ2) {
    834. 

  834. 		PHAR_SET_16(central.compressed, PHAR_ZIP_COMP_BZIP2);
    835. 

  835. 		PHAR_SET_16(local.compressed, PHAR_ZIP_COMP_BZIP2);
    836. 

  836. 	}
    837. 

  837. 

  838. 	/* do not use PHAR_GET_16 on either field of the next line */
    839. 

  839. 	phar_zip_u2d_time(entry->timestamp, local.timestamp, local.datestamp);
    840. 

  840. 	memcpy(central.timestamp, local.timestamp, sizeof(local.timestamp));
    841. 

  841. 	memcpy(central.datestamp, local.datestamp, sizeof(local.datestamp));
    842. 

  842. 	PHAR_SET_16(central.filename_len, entry->filename_len + (entry->is_dir ? 1 : 0));
    843. 

  843. 	PHAR_SET_16(local.filename_len, entry->filename_len + (entry->is_dir ? 1 : 0));
    844. 

  844. 	PHAR_SET_32(central.offset, php_stream_tell(p->filefp));
    845. 

  845. 

  846. 	/* do extra field for perms later */
    847. 

  847. 	if (entry->is_modified) {
    848. 

  848. 		php_uint32 loc;
    849. 

  849. 		php_stream_filter *filter;
    850. 

  850. 		php_stream *efp;
    851. 

  851. 

  852. 		if (entry->is_dir) {
    853. 

  853. 			entry->is_modified = 0;
    854. 

  854. 			if (entry->fp_type == PHAR_MOD && entry->fp != entry->phar->fp && entry->fp != entry->phar->ufp) {
    855. 

  855. 				php_stream_close(entry->fp);
    856. 

  856. 				entry->fp = NULL;
    857. 

  857. 				entry->fp_type = PHAR_FP;
    858. 

  858. 			}
    859. 

  859. 			goto continue_dir;
    860. 

  860. 		}
    861. 

  861. 

  862. 		if (FAILURE == phar_open_entry_fp(entry, p->error, 0 TSRMLS_CC)) {
    863. 

  863. 			spprintf(p->error, 0, "unable to open file contents of file \"%s\" in zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    864. 

  864. 			return ZEND_HASH_APPLY_STOP;
    865. 

  865. 		}
    866. 

  866. 

  867. 		/* we can be modified and already be compressed, such as when chmod() is executed */
    868. 

  868. 		if (entry->flags & PHAR_ENT_COMPRESSION_MASK && (entry->old_flags == entry->flags || !entry->old_flags)) {
    869. 

  869. 			not_really_modified = 1;
    870. 

  870. 			goto is_compressed;
    871. 

  871. 		}
    872. 

  872. 

  873. 		if (-1 == phar_seek_efp(entry, 0, SEEK_SET, 0, 0 TSRMLS_CC)) {
    874. 

  874. 			spprintf(p->error, 0, "unable to seek to start of file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    875. 

  875. 			return ZEND_HASH_APPLY_STOP;
    876. 

  876. 		}
    877. 

  877. 

  878. 		efp = phar_get_efp(entry, 0 TSRMLS_CC);
    879. 

  879. 		newcrc32 = ~0;
    880. 

  880. 

  881. 		for (loc = 0;loc < entry->uncompressed_filesize; ++loc) {
    882. 

  882. 			CRC32(newcrc32, php_stream_getc(efp));
    883. 

  883. 		}
    884. 

  884. 

  885. 		entry->crc32 = ~newcrc32;
    886. 

  886. 		PHAR_SET_32(central.uncompsize, entry->uncompressed_filesize);
    887. 

  887. 		PHAR_SET_32(local.uncompsize, entry->uncompressed_filesize);
    888. 

  888. 

  889. 		if (!(entry->flags & PHAR_ENT_COMPRESSION_MASK)) {
    890. 

  890. 			/* not compressed */
    891. 

  891. 			entry->compressed_filesize = entry->uncompressed_filesize;
    892. 

  892. 			PHAR_SET_32(central.compsize, entry->uncompressed_filesize);
    893. 

  893. 			PHAR_SET_32(local.compsize, entry->uncompressed_filesize);
    894. 

  894. 			goto not_compressed;
    895. 

  895. 		}
    896. 

  896. 

  897. 		filter = php_stream_filter_create(phar_compress_filter(entry, 0), NULL, 0 TSRMLS_CC);
    898. 

  898. 

  899. 		if (!filter) {
    900. 

  900. 			if (entry->flags & PHAR_ENT_COMPRESSED_GZ) {
    901. 

  901. 				spprintf(p->error, 0, "unable to gzip compress file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    902. 

  902. 			} else {
    903. 

  903. 				spprintf(p->error, 0, "unable to bzip2 compress file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    904. 

  904. 			}
    905. 

  905. 			return ZEND_HASH_APPLY_STOP;
    906. 

  906. 		}
    907. 

  907. 

  908. 		/* create new file that holds the compressed version */
    909. 

  909. 		/* work around inability to specify freedom in write and strictness
    910. 

  910. 		in read count */
    911. 

  911. 		entry->cfp = php_stream_fopen_tmpfile();
    912. 

  912. 

  913. 		if (!entry->cfp) {
    914. 

  914. 			spprintf(p->error, 0, "unable to create temporary file for file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    915. 

  915. 			return ZEND_HASH_APPLY_STOP;
    916. 

  916. 		}
    917. 

  917. 

  918. 		php_stream_flush(efp);
    919. 

  919. 

  920. 		if (-1 == phar_seek_efp(entry, 0, SEEK_SET, 0, 0 TSRMLS_CC)) {
    921. 

  921. 			spprintf(p->error, 0, "unable to seek to start of file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    922. 

  922. 			return ZEND_HASH_APPLY_STOP;
    923. 

  923. 		}
    924. 

  924. 

  925. 		php_stream_filter_append((&entry->cfp->writefilters), filter);
    926. 

  926. 

  927. 		if (SUCCESS != phar_stream_copy_to_stream(efp, entry->cfp, entry->uncompressed_filesize, NULL)) {
    928. 

  928. 			spprintf(p->error, 0, "unable to copy compressed file contents of file \"%s\" while creating new phar \"%s\"", entry->filename, entry->phar->fname);
    929. 

  929. 			return ZEND_HASH_APPLY_STOP;
    930. 

  930. 		}
    931. 

  931. 

  932. 		php_stream_filter_flush(filter, 1);
    933. 

  933. 		php_stream_flush(entry->cfp);
    934. 

  934. 		php_stream_filter_remove(filter, 1 TSRMLS_CC);
    935. 

  935. 		php_stream_seek(entry->cfp, 0, SEEK_END);
    936. 

  936. 		entry->compressed_filesize = (php_uint32) php_stream_tell(entry->cfp);
    937. 

  937. 		PHAR_SET_32(central.compsize, entry->compressed_filesize);
    938. 

  938. 		PHAR_SET_32(local.compsize, entry->compressed_filesize);
    939. 

  939. 		/* generate crc on compressed file */
    940. 

  940. 		php_stream_rewind(entry->cfp);
    941. 

  941. 		entry->old_flags = entry->flags;
    942. 

  942. 		entry->is_modified = 1;
    943. 

  943. 	} else {
    944. 

  944. is_compressed:
    945. 

  945. 		PHAR_SET_32(central.uncompsize, entry->uncompressed_filesize);
    946. 

  946. 		PHAR_SET_32(local.uncompsize, entry->uncompressed_filesize);
    947. 

  947. 		PHAR_SET_32(central.compsize, entry->compressed_filesize);
    948. 

  948. 		PHAR_SET_32(local.compsize, entry->compressed_filesize);
    949. 

  949. 

  950. 		if (-1 == php_stream_seek(p->old, entry->offset_abs, SEEK_SET)) {
    951. 

  951. 			spprintf(p->error, 0, "unable to seek to start of file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    952. 

  952. 			return ZEND_HASH_APPLY_STOP;
    953. 

  953. 		}
    954. 

  954. 	}
    955. 

  955. not_compressed:
    956. 

  956. 	PHAR_SET_32(central.crc32, entry->crc32);
    957. 

  957. 	PHAR_SET_32(local.crc32, entry->crc32);
    958. 

  958. continue_dir:
    959. 

  959. 	/* set file metadata */
    960. 

  960. 	if (entry->metadata) {
    961. 

  961. 		php_serialize_data_t metadata_hash;
    962. 

  962. 

  963. 		if (entry->metadata_str.c) {
    964. 

  964. 			smart_str_free(&entry->metadata_str);
    965. 

  965. 		}
    966. 

  966. 		entry->metadata_str.c = 0;
    967. 

  967. 		entry->metadata_str.len = 0;
    968. 

  968. 		PHP_VAR_SERIALIZE_INIT(metadata_hash);
    969. 

  969. 		php_var_serialize(&entry->metadata_str, &entry->metadata, &metadata_hash TSRMLS_CC);
    970. 

  970. 		PHP_VAR_SERIALIZE_DESTROY(metadata_hash);
    971. 

  971. 		PHAR_SET_16(central.comment_len, entry->metadata_str.len);
    972. 

  972. 	}
    973. 

  973. 

  974. 	entry->header_offset = php_stream_tell(p->filefp);
    975. 

  975. 	offset = entry->header_offset + sizeof(local) + entry->filename_len + (entry->is_dir ? 1 : 0) + sizeof(perms);
    976. 

  976. 

  977. 	if (sizeof(local) != php_stream_write(p->filefp, (char *)&local, sizeof(local))) {
    978. 

  978. 		spprintf(p->error, 0, "unable to write local file header of file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    979. 

  979. 		return ZEND_HASH_APPLY_STOP;
    980. 

  980. 	}
    981. 

  981. 

  982. 	if (sizeof(central) != php_stream_write(p->centralfp, (char *)&central, sizeof(central))) {
    983. 

  983. 		spprintf(p->error, 0, "unable to write central directory entry for file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    984. 

  984. 		return ZEND_HASH_APPLY_STOP;
    985. 

  985. 	}
    986. 

  986. 

  987. 	if (entry->is_dir) {
    988. 

  988. 		if (entry->filename_len != php_stream_write(p->filefp, entry->filename, entry->filename_len)) {
    989. 

  989. 			spprintf(p->error, 0, "unable to write filename to local directory entry for directory \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    990. 

  990. 			return ZEND_HASH_APPLY_STOP;
    991. 

  991. 		}
    992. 

  992. 

  993. 		if (1 != php_stream_write(p->filefp, "/", 1)) {
    994. 

  994. 			spprintf(p->error, 0, "unable to write filename to local directory entry for directory \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    995. 

  995. 			return ZEND_HASH_APPLY_STOP;
    996. 

  996. 		}
    997. 

  997. 

  998. 		if (entry->filename_len != php_stream_write(p->centralfp, entry->filename, entry->filename_len)) {
    999. 

  999. 			spprintf(p->error, 0, "unable to write filename to central directory entry for directory \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1000. 

  1000. 			return ZEND_HASH_APPLY_STOP;
    1001. 

  1001. 		}
    1002. 

  1002. 

  1003. 		if (1 != php_stream_write(p->centralfp, "/", 1)) {
    1004. 

  1004. 			spprintf(p->error, 0, "unable to write filename to central directory entry for directory \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1005. 

  1005. 			return ZEND_HASH_APPLY_STOP;
    1006. 

  1006. 		}
    1007. 

  1007. 	} else {
    1008. 

  1008. 		if (entry->filename_len != php_stream_write(p->filefp, entry->filename, entry->filename_len)) {
    1009. 

  1009. 			spprintf(p->error, 0, "unable to write filename to local directory entry for file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1010. 

  1010. 			return ZEND_HASH_APPLY_STOP;
    1011. 

  1011. 		}
    1012. 

  1012. 

  1013. 		if (entry->filename_len != php_stream_write(p->centralfp, entry->filename, entry->filename_len)) {
    1014. 

  1014. 			spprintf(p->error, 0, "unable to write filename to central directory entry for file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1015. 

  1015. 			return ZEND_HASH_APPLY_STOP;
    1016. 

  1016. 		}
    1017. 

  1017. 	}
    1018. 

  1018. 

  1019. 	if (sizeof(perms) != php_stream_write(p->filefp, (char *)&perms, sizeof(perms))) {
    1020. 

  1020. 		spprintf(p->error, 0, "unable to write local extra permissions file header of file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1021. 

  1021. 		return ZEND_HASH_APPLY_STOP;
    1022. 

  1022. 	}
    1023. 

  1023. 

  1024. 	if (sizeof(perms) != php_stream_write(p->centralfp, (char *)&perms, sizeof(perms))) {
    1025. 

  1025. 		spprintf(p->error, 0, "unable to write central extra permissions file header of file \"%s\" to zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1026. 

  1026. 		return ZEND_HASH_APPLY_STOP;
    1027. 

  1027. 	}
    1028. 

  1028. 

  1029. 	if (!not_really_modified && entry->is_modified) {
    1030. 

  1030. 		if (entry->cfp) {
    1031. 

  1031. 			if (SUCCESS != phar_stream_copy_to_stream(entry->cfp, p->filefp, entry->compressed_filesize, NULL)) {
    1032. 

  1032. 				spprintf(p->error, 0, "unable to write compressed contents of file \"%s\" in zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1033. 

  1033. 				return ZEND_HASH_APPLY_STOP;
    1034. 

  1034. 			}
    1035. 

  1035. 

  1036. 			php_stream_close(entry->cfp);
    1037. 

  1037. 			entry->cfp = NULL;
    1038. 

  1038. 		} else {
    1039. 

  1039. 			if (FAILURE == phar_open_entry_fp(entry, p->error, 0 TSRMLS_CC)) {
    1040. 

  1040. 				return ZEND_HASH_APPLY_STOP;
    1041. 

  1041. 			}
    1042. 

  1042. 

  1043. 			phar_seek_efp(entry, 0, SEEK_SET, 0, 0 TSRMLS_CC);
    1044. 

  1044. 

  1045. 			if (SUCCESS != phar_stream_copy_to_stream(phar_get_efp(entry, 0 TSRMLS_CC), p->filefp, entry->uncompressed_filesize, NULL)) {
    1046. 

  1046. 				spprintf(p->error, 0, "unable to write contents of file \"%s\" in zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1047. 

  1047. 				return ZEND_HASH_APPLY_STOP;
    1048. 

  1048. 			}
    1049. 

  1049. 		}
    1050. 

  1050. 

  1051. 		if (entry->fp_type == PHAR_MOD && entry->fp != entry->phar->fp && entry->fp != entry->phar->ufp && entry->fp_refcount == 0) {
    1052. 

  1052. 			php_stream_close(entry->fp);
    1053. 

  1053. 		}
    1054. 

  1054. 

  1055. 		entry->is_modified = 0;
    1056. 

  1056. 	} else {
    1057. 

  1057. 		entry->is_modified = 0;
    1058. 

  1058. 		if (entry->fp_refcount) {
    1059. 

  1059. 			/* open file pointers refer to this fp, do not free the stream */
    1060. 

  1060. 			switch (entry->fp_type) {
    1061. 

  1061. 				case PHAR_FP:
    1062. 

  1062. 					p->free_fp = 0;
    1063. 

  1063. 					break;
    1064. 

  1064. 				case PHAR_UFP:
    1065. 

  1065. 					p->free_ufp = 0;
    1066. 

  1066. 				default:
    1067. 

  1067. 					break;
    1068. 

  1068. 			}
    1069. 

  1069. 		}
    1070. 

  1070. 

  1071. 		if (!entry->is_dir && entry->compressed_filesize && SUCCESS != phar_stream_copy_to_stream(p->old, p->filefp, entry->compressed_filesize, NULL)) {
    1072. 

  1072. 			spprintf(p->error, 0, "unable to copy contents of file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1073. 

  1073. 			return ZEND_HASH_APPLY_STOP;
    1074. 

  1074. 		}
    1075. 

  1075. 	}
    1076. 

  1076. 

  1077. 	entry->fp = NULL;
    1078. 

  1078. 	entry->offset = entry->offset_abs = offset;
    1079. 

  1079. 	entry->fp_type = PHAR_FP;
    1080. 

  1080. 

  1081. 	if (entry->metadata_str.c) {
    1082. 

  1082. 		if (entry->metadata_str.len != php_stream_write(p->centralfp, entry->metadata_str.c, entry->metadata_str.len)) {
    1083. 

  1083. 			spprintf(p->error, 0, "unable to write metadata as file comment for file \"%s\" while creating zip-based phar \"%s\"", entry->filename, entry->phar->fname);
    1084. 

  1084. 			smart_str_free(&entry->metadata_str);
    1085. 

  1085. 			return ZEND_HASH_APPLY_STOP;
    1086. 

  1086. 		}
    1087. 

  1087. 

  1088. 		smart_str_free(&entry->metadata_str);
    1089. 

  1089. 	}
    1090. 

  1090. 

  1091. 	return ZEND_HASH_APPLY_KEEP;
    1092. 

  1092. }
    1093. 

  1093. /* }}} */
    1094. 

  1094. 

  1095. static int phar_zip_applysignature(phar_archive_data *phar, struct _phar_zip_pass *pass,
    1096. 

  1096. 				   smart_str *metadata TSRMLS_DC) /* {{{ */
    1097. 

  1097. {
    1098. 

  1098. 	/* add signature for executable tars or tars explicitly set with setSignatureAlgorithm */
    1099. 

  1099. 	if (!phar->is_data || phar->sig_flags) {
    1100. 

  1100. 		int signature_length;
    1101. 

  1101. 		char *signature, sigbuf[8];
    1102. 

  1102. 		phar_entry_info entry = {0};
    1103. 

  1103. 		php_stream *newfile;
    1104. 

  1104. 		off_t tell, st;
    1105. 

  1105. 

  1106. 		newfile = php_stream_fopen_tmpfile();
    1107. 

  1107. 		st = tell = php_stream_tell(pass->filefp);
    1108. 

  1108. 		/* copy the local files, central directory, and the zip comment to generate the hash */
    1109. 

  1109. 		php_stream_seek(pass->filefp, 0, SEEK_SET);
    1110. 

  1110. 		phar_stream_copy_to_stream(pass->filefp, newfile, tell, NULL);
    1111. 

  1111. 		tell = php_stream_tell(pass->centralfp);
    1112. 

  1112. 		php_stream_seek(pass->centralfp, 0, SEEK_SET);
    1113. 

  1113. 		phar_stream_copy_to_stream(pass->centralfp, newfile, tell, NULL);
    1114. 

  1114. 		if (metadata->c) {
    1115. 

  1115. 			php_stream_write(newfile, metadata->c, metadata->len);
    1116. 

  1116. 		}
    1117. 

  1117. 

  1118. 		if (FAILURE == phar_create_signature(phar, newfile, &signature, &signature_length, pass->error TSRMLS_CC)) {
    1119. 

  1119. 			if (pass->error) {
    1120. 

  1120. 				char *save = *(pass->error);
    1121. 

  1121. 				spprintf(pass->error, 0, "phar error: unable to write signature to zip-based phar: %s", save);
    1122. 

  1122. 				efree(save);
    1123. 

  1123. 			}
    1124. 

  1124. 

  1125. 			php_stream_close(newfile);
    1126. 

  1126. 			return FAILURE;
    1127. 

  1127. 		}
    1128. 

  1128. 

  1129. 		entry.filename = ".phar/signature.bin";
    1130. 

  1130. 		entry.filename_len = sizeof(".phar/signature.bin")-1;
    1131. 

  1131. 		entry.fp = php_stream_fopen_tmpfile();
    1132. 

  1132. 		entry.fp_type = PHAR_MOD;
    1133. 

  1133. 		entry.is_modified = 1;
    1134. 

  1134. 

  1135. 		PHAR_SET_32(sigbuf, phar->sig_flags);
    1136. 

  1136. 		PHAR_SET_32(sigbuf + 4, signature_length);
    1137. 

  1137. 

  1138. 		if (8 != (int)php_stream_write(entry.fp, sigbuf, 8) || signature_length != (int)php_stream_write(entry.fp, signature, signature_length)) {
    1139. 

  1139. 			efree(signature);
    1140. 

  1140. 			if (pass->error) {
    1141. 

  1141. 				spprintf(pass->error, 0, "phar error: unable to write signature to zip-based phar %s", phar->fname);
    1142. 

  1142. 			}
    1143. 

  1143. 

  1144. 			php_stream_close(newfile);
    1145. 

  1145. 			return FAILURE;
    1146. 

  1146. 		}
    1147. 

  1147. 

  1148. 		efree(signature);
    1149. 

  1149. 		entry.uncompressed_filesize = entry.compressed_filesize = signature_length + 8;
    1150. 

  1150. 		entry.phar = phar;
    1151. 

  1151. 		/* throw out return value and write the signature */
    1152. 

  1152. 		phar_zip_changed_apply((void *)&entry, (void *)pass TSRMLS_CC);
    1153. 

  1153. 		php_stream_close(newfile);
    1154. 

  1154. 

  1155. 		if (pass->error && *(pass->error)) {
    1156. 

  1156. 			/* error is set by writeheaders */
    1157. 

  1157. 			php_stream_close(newfile);
    1158. 

  1158. 			return FAILURE;
    1159. 

  1159. 		}
    1160. 

  1160. 	} /* signature */
    1161. 

  1161. 	return SUCCESS;
    1162. 

  1162. }
    1163. 

  1163. /* }}} */
    1164. 

  1164. 

  1165. int phar_zip_flush(phar_archive_data *phar, char *user_stub, long len, int defaultstub, char **error TSRMLS_DC) /* {{{ */
    1166. 

  1166. {
    1167. 

  1167. 	char *pos;
    1168. 

  1168. 	smart_str main_metadata_str = {0};
    1169. 

  1169. 	static const char newstub[] = "<?php // zip-based phar archive stub file\n__HALT_COMPILER();";
    1170. 

  1170. 	char halt_stub[] = "__HALT_COMPILER();";
    1171. 

  1171. 	char *tmp;
    1172. 

  1172. 	
    1173. 

  1173. 	php_stream *stubfile, *oldfile;
    1174. 

  1174. 	php_serialize_data_t metadata_hash;
    1175. 

  1175. 	int free_user_stub, closeoldfile = 0;
    1176. 

  1176. 	phar_entry_info entry = {0};
    1177. 

  1177. 	char *temperr = NULL;
    1178. 

  1178. 	struct _phar_zip_pass pass;
    1179. 

  1179. 	phar_zip_dir_end eocd;
    1180. 

  1180. 	php_uint32 cdir_size, cdir_offset;
    1181. 

  1181. 

  1182. 	pass.error = &temperr;
    1183. 

  1183. 	entry.flags = PHAR_ENT_PERM_DEF_FILE;
    1184. 

  1184. 	entry.timestamp = sapi_get_request_time(TSRMLS_C);
    1185. 

  1185. 	entry.is_modified = 1;
    1186. 

  1186. 	entry.is_zip = 1;
    1187. 

  1187. 	entry.phar = phar;
    1188. 

  1188. 	entry.fp_type = PHAR_MOD;
    1189. 

  1189. 

  1190. 	if (phar->is_persistent) {
    1191. 

  1191. 		if (error) {
    1192. 

  1192. 			spprintf(error, 0, "internal error: attempt to flush cached zip-based phar \"%s\"", phar->fname);
    1193. 

  1193. 		}
    1194. 

  1194. 		return EOF;
    1195. 

  1195. 	}
    1196. 

  1196. 

  1197. 	if (phar->is_data) {
    1198. 

  1198. 		goto nostub;
    1199. 

  1199. 	}
    1200. 

  1200. 

  1201. 	/* set alias */
    1202. 

  1202. 	if (!phar->is_temporary_alias && phar->alias_len) {
    1203. 

  1203. 		entry.fp = php_stream_fopen_tmpfile();
    1204. 

  1204. 

  1205. 		if (phar->alias_len != (int)php_stream_write(entry.fp, phar->alias, phar->alias_len)) {
    1206. 

  1206. 			if (error) {
    1207. 

  1207. 				spprintf(error, 0, "unable to set alias in zip-based phar \"%s\"", phar->fname);
    1208. 

  1208. 			}
    1209. 

  1209. 			return EOF;
    1210. 

  1210. 		}
    1211. 

  1211. 

  1212. 		entry.uncompressed_filesize = entry.compressed_filesize = phar->alias_len;
    1213. 

  1213. 		entry.filename = estrndup(".phar/alias.txt", sizeof(".phar/alias.txt")-1);
    1214. 

  1214. 		entry.filename_len = sizeof(".phar/alias.txt")-1;
    1215. 

  1215. 

  1216. 		if (SUCCESS != zend_hash_update(&phar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info), NULL)) {
    1217. 

  1217. 			if (error) {
    1218. 

  1218. 				spprintf(error, 0, "unable to set alias in zip-based phar \"%s\"", phar->fname);
    1219. 

  1219. 			}
    1220. 

  1220. 			return EOF;
    1221. 

  1221. 		}
    1222. 

  1222. 	} else {
    1223. 

  1223. 		zend_hash_del(&phar->manifest, ".phar/alias.txt", sizeof(".phar/alias.txt")-1);
    1224. 

  1224. 	}
    1225. 

  1225. 

  1226. 	/* register alias */
    1227. 

  1227. 	if (phar->alias_len) {
    1228. 

  1228. 		if (FAILURE == phar_get_archive(&phar, phar->fname, phar->fname_len, phar->alias, phar->alias_len, error TSRMLS_CC)) {
    1229. 

  1229. 			return EOF;
    1230. 

  1230. 		}
    1231. 

  1231. 	}
    1232. 

  1232. 

  1233. 	/* set stub */
    1234. 

  1234. 	if (user_stub && !defaultstub) {
    1235. 

  1235. 		if (len < 0) {
    1236. 

  1236. 			/* resource passed in */
    1237. 

  1237. 			if (!(php_stream_from_zval_no_verify(stubfile, (zval **)user_stub))) {
    1238. 

  1238. 				if (error) {
    1239. 

  1239. 					spprintf(error, 0, "unable to access resource to copy stub to new zip-based phar \"%s\"", phar->fname);
    1240. 

  1240. 				}
    1241. 

  1241. 				return EOF;
    1242. 

  1242. 			}
    1243. 

  1243. 

  1244. 			if (len == -1) {
    1245. 

  1245. 				len = PHP_STREAM_COPY_ALL;
    1246. 

  1246. 			} else {
    1247. 

  1247. 				len = -len;
    1248. 

  1248. 			}
    1249. 

  1249. 

  1250. 			user_stub = 0;
    1251. 

  1251. 

  1252. #if PHP_MAJOR_VERSION >= 6
    1253. 

  1253. 			if (!(len = php_stream_copy_to_mem(stubfile, (void **) &user_stub, len, 0)) || !user_stub) {
    1254. 

  1254. #else
    1255. 

  1255. 			if (!(len = php_stream_copy_to_mem(stubfile, &user_stub, len, 0)) || !user_stub) {
    1256. 

  1256. #endif
    1257. 

  1257. 				if (error) {
    1258. 

  1258. 					spprintf(error, 0, "unable to read resource to copy stub to new zip-based phar \"%s\"", phar->fname);
    1259. 

  1259. 				}
    1260. 

  1260. 				return EOF;
    1261. 

  1261. 			}
    1262. 

  1262. 			free_user_stub = 1;
    1263. 

  1263. 		} else {
    1264. 

  1264. 			free_user_stub = 0;
    1265. 

  1265. 		}
    1266. 

  1266. 

  1267. 		tmp = estrndup(user_stub, len);
    1268. 

  1268. 		if ((pos = php_stristr(tmp, halt_stub, len, sizeof(halt_stub) - 1)) == NULL) {
    1269. 

  1269. 			efree(tmp);
    1270. 

  1270. 			if (error) {
    1271. 

  1271. 				spprintf(error, 0, "illegal stub for zip-based phar \"%s\"", phar->fname);
    1272. 

  1272. 			}
    1273. 

  1273. 			if (free_user_stub) {
    1274. 

  1274. 				efree(user_stub);
    1275. 

  1275. 			}
    1276. 

  1276. 			return EOF;
    1277. 

  1277. 		}
    1278. 

  1278. 		pos = user_stub + (pos - tmp);
    1279. 

  1279. 		efree(tmp);
    1280. 

  1280. 

  1281. 		len = pos - user_stub + 18;
    1282. 

  1282. 		entry.fp = php_stream_fopen_tmpfile();
    1283. 

  1283. 		entry.uncompressed_filesize = len + 5;
    1284. 

  1284. 

  1285. 		if ((size_t)len != php_stream_write(entry.fp, user_stub, len)
    1286. 

  1286. 		||            5 != php_stream_write(entry.fp, " ?>\r\n", 5)) {
    1287. 

  1287. 			if (error) {
    1288. 

  1288. 				spprintf(error, 0, "unable to create stub from string in new zip-based phar \"%s\"", phar->fname);
    1289. 

  1289. 			}
    1290. 

  1290. 			if (free_user_stub) {
    1291. 

  1291. 				efree(user_stub);
    1292. 

  1292. 			}
    1293. 

  1293. 			php_stream_close(entry.fp);
    1294. 

  1294. 			return EOF;
    1295. 

  1295. 		}
    1296. 

  1296. 

  1297. 		entry.filename = estrndup(".phar/stub.php", sizeof(".phar/stub.php")-1);
    1298. 

  1298. 		entry.filename_len = sizeof(".phar/stub.php")-1;
    1299. 

  1299. 

  1300. 		if (SUCCESS != zend_hash_update(&phar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info), NULL)) {
    1301. 

  1301. 			if (free_user_stub) {
    1302. 

  1302. 				efree(user_stub);
    1303. 

  1303. 			}
    1304. 

  1304. 			if (error) {
    1305. 

  1305. 				spprintf(error, 0, "unable to set stub in zip-based phar \"%s\"", phar->fname);
    1306. 

  1306. 			}
    1307. 

  1307. 			return EOF;
    1308. 

  1308. 		}
    1309. 

  1309. 

  1310. 		if (free_user_stub) {
    1311. 

  1311. 			efree(user_stub);
    1312. 

  1312. 		}
    1313. 

  1313. 	} else {
    1314. 

  1314. 		/* Either this is a brand new phar (add the stub), or the default stub is required (overwrite the stub) */
    1315. 

  1315. 		entry.fp = php_stream_fopen_tmpfile();
    1316. 

  1316. 

  1317. 		if (sizeof(newstub)-1 != php_stream_write(entry.fp, newstub, sizeof(newstub)-1)) {
    1318. 

  1318. 			php_stream_close(entry.fp);
    1319. 

  1319. 			if (error) {
    1320. 

  1320. 				spprintf(error, 0, "unable to %s stub in%szip-based phar \"%s\", failed", user_stub ? "overwrite" : "create", user_stub ? " " : " new ", phar->fname);
    1321. 

  1321. 			}
    1322. 

  1322. 			return EOF;
    1323. 

  1323. 		}
    1324. 

  1324. 

  1325. 		entry.uncompressed_filesize = entry.compressed_filesize = sizeof(newstub) - 1;
    1326. 

  1326. 		entry.filename = estrndup(".phar/stub.php", sizeof(".phar/stub.php")-1);
    1327. 

  1327. 		entry.filename_len = sizeof(".phar/stub.php")-1;
    1328. 

  1328. 

  1329. 		if (!defaultstub) {
    1330. 

  1330. 			if (!zend_hash_exists(&phar->manifest, ".phar/stub.php", sizeof(".phar/stub.php")-1)) {
    1331. 

  1331. 				if (SUCCESS != zend_hash_add(&phar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info), NULL)) {
    1332. 

  1332. 					php_stream_close(entry.fp);
    1333. 

  1333. 					efree(entry.filename);
    1334. 

  1334. 					if (error) {
    1335. 

  1335. 						spprintf(error, 0, "unable to create stub in zip-based phar \"%s\"", phar->fname);
    1336. 

  1336. 					}
    1337. 

  1337. 					return EOF;
    1338. 

  1338. 				}
    1339. 

  1339. 			} else {
    1340. 

  1340. 				php_stream_close(entry.fp);
    1341. 

  1341. 				efree(entry.filename);
    1342. 

  1342. 			}
    1343. 

  1343. 		} else {
    1344. 

  1344. 			if (SUCCESS != zend_hash_update(&phar->manifest, entry.filename, entry.filename_len, (void*)&entry, sizeof(phar_entry_info), NULL)) {
    1345. 

  1345. 				php_stream_close(entry.fp);
    1346. 

  1346. 				efree(entry.filename);
    1347. 

  1347. 				if (error) {
    1348. 

  1348. 					spprintf(error, 0, "unable to overwrite stub in zip-based phar \"%s\"", phar->fname);
    1349. 

  1349. 				}
    1350. 

  1350. 				return EOF;
    1351. 

  1351. 			}
    1352. 

  1352. 		}
    1353. 

  1353. 	}
    1354. 

  1354. nostub:
    1355. 

  1355. 	if (phar->fp && !phar->is_brandnew) {
    1356. 

  1356. 		oldfile = phar->fp;
    1357. 

  1357. 		closeoldfile = 0;
    1358. 

  1358. 		php_stream_rewind(oldfile);
    1359. 

  1359. 	} else {
    1360. 

  1360. 		oldfile = php_stream_open_wrapper(phar->fname, "rb", 0, NULL);
    1361. 

  1361. 		closeoldfile = oldfile != NULL;
    1362. 

  1362. 	}
    1363. 

  1363. 

  1364. 	/* save modified files to the zip */
    1365. 

  1365. 	pass.old = oldfile;
    1366. 

  1366. 	pass.filefp = php_stream_fopen_tmpfile();
    1367. 

  1367. 

  1368. 	if (!pass.filefp) {
    1369. 

  1369. fperror:
    1370. 

  1370. 		if (closeoldfile) {
    1371. 

  1371. 			php_stream_close(oldfile);
    1372. 

  1372. 		}
    1373. 

  1373. 		if (error) {
    1374. 

  1374. 			spprintf(error, 4096, "phar zip flush of \"%s\" failed: unable to open temporary file", phar->fname);
    1375. 

  1375. 		}
    1376. 

  1376. 		return EOF;
    1377. 

  1377. 	}
    1378. 

  1378. 

  1379. 	pass.centralfp = php_stream_fopen_tmpfile();
    1380. 

  1380. 

  1381. 	if (!pass.centralfp) {
    1382. 

  1382. 		goto fperror;
    1383. 

  1383. 	}
    1384. 

  1384. 

  1385. 	pass.free_fp = pass.free_ufp = 1;
    1386. 

  1386. 	memset(&eocd, 0, sizeof(eocd));
    1387. 

  1387. 

  1388. 	strncpy(eocd.signature, "PK\5\6", 4);
    1389. 

  1389. 	if (!phar->is_data && !phar->sig_flags) {
    1390. 

  1390. 		phar->sig_flags = PHAR_SIG_SHA1;
    1391. 

  1391. 	}
    1392. 

  1392. 	if (phar->sig_flags) {
    1393. 

  1393. 		PHAR_SET_16(eocd.counthere, zend_hash_num_elements(&phar->manifest) + 1);
    1394. 

  1394. 		PHAR_SET_16(eocd.count, zend_hash_num_elements(&phar->manifest) + 1);
    1395. 

  1395. 	} else {
    1396. 

  1396. 		PHAR_SET_16(eocd.counthere, zend_hash_num_elements(&phar->manifest));
    1397. 

  1397. 		PHAR_SET_16(eocd.count, zend_hash_num_elements(&phar->manifest));
    1398. 

  1398. 	}
    1399. 

  1399. 	zend_hash_apply_with_argument(&phar->manifest, phar_zip_changed_apply, (void *) &pass TSRMLS_CC);
    1400. 

  1400. 

  1401. 	if (phar->metadata) {
    1402. 

  1402. 		/* set phar metadata */
    1403. 

  1403. 		PHP_VAR_SERIALIZE_INIT(metadata_hash);
    1404. 

  1404. 		php_var_serialize(&main_metadata_str, &phar->metadata, &metadata_hash TSRMLS_CC);
    1405. 

  1405. 		PHP_VAR_SERIALIZE_DESTROY(metadata_hash);
    1406. 

  1406. 	}
    1407. 

  1407. 	if (temperr) {
    1408. 

  1408. 		if (error) {
    1409. 

  1409. 			spprintf(error, 4096, "phar zip flush of \"%s\" failed: %s", phar->fname, temperr);
    1410. 

  1410. 		}
    1411. 

  1411. 		efree(temperr);
    1412. 

  1412. temperror:
    1413. 

  1413. 		php_stream_close(pass.centralfp);
    1414. 

  1414. nocentralerror:
    1415. 

  1415. 		if (phar->metadata) {
    1416. 

  1416. 			smart_str_free(&main_metadata_str);
    1417. 

  1417. 		}
    1418. 

  1418. 		php_stream_close(pass.filefp);
    1419. 

  1419. 		if (closeoldfile) {
    1420. 

  1420. 			php_stream_close(oldfile);
    1421. 

  1421. 		}
    1422. 

  1422. 		return EOF;
    1423. 

  1423. 	}
    1424. 

  1424. 

  1425. 	if (FAILURE == phar_zip_applysignature(phar, &pass, &main_metadata_str TSRMLS_CC)) {
    1426. 

  1426. 		goto temperror;
    1427. 

  1427. 	}
    1428. 

  1428. 

  1429. 	/* save zip */
    1430. 

  1430. 	cdir_size = php_stream_tell(pass.centralfp);
    1431. 

  1431. 	cdir_offset = php_stream_tell(pass.filefp);
    1432. 

  1432. 	PHAR_SET_32(eocd.cdir_size, cdir_size);
    1433. 

  1433. 	PHAR_SET_32(eocd.cdir_offset, cdir_offset);
    1434. 

  1434. 	php_stream_seek(pass.centralfp, 0, SEEK_SET);
    1435. 

  1435. 

  1436. 	{
    1437. 

  1437. 		size_t clen;
    1438. 

  1438. 		int ret = phar_stream_copy_to_stream(pass.centralfp, pass.filefp, PHP_STREAM_COPY_ALL, &clen);
    1439. 

  1439. 		if (SUCCESS != ret || clen != cdir_size) {
    1440. 

  1440. 			if (error) {
    1441. 

  1441. 				spprintf(error, 4096, "phar zip flush of \"%s\" failed: unable to write central-directory", phar->fname);
    1442. 

  1442. 			}
    1443. 

  1443. 			goto temperror;
    1444. 

  1444. 		}
    1445. 

  1445. 	}
    1446. 

  1446. 

  1447. 	php_stream_close(pass.centralfp);
    1448. 

  1448. 

  1449. 	if (phar->metadata) {
    1450. 

  1450. 		/* set phar metadata */
    1451. 

  1451. 		PHAR_SET_16(eocd.comment_len, main_metadata_str.len);
    1452. 

  1452. 

  1453. 		if (sizeof(eocd) != php_stream_write(pass.filefp, (char *)&eocd, sizeof(eocd))) {
    1454. 

  1454. 			if (error) {
    1455. 

  1455. 				spprintf(error, 4096, "phar zip flush of \"%s\" failed: unable to write end of central-directory", phar->fname);
    1456. 

  1456. 			}
    1457. 

  1457. 			goto nocentralerror;
    1458. 

  1458. 		}
    1459. 

  1459. 

  1460. 		if (main_metadata_str.len != php_stream_write(pass.filefp, main_metadata_str.c, main_metadata_str.len)) {
    1461. 

  1461. 			if (error) {
    1462. 

  1462. 				spprintf(error, 4096, "phar zip flush of \"%s\" failed: unable to write metadata to zip comment", phar->fname);
    1463. 

  1463. 			}
    1464. 

  1464. 			goto nocentralerror;
    1465. 

  1465. 		}
    1466. 

  1466. 

  1467. 		smart_str_free(&main_metadata_str);
    1468. 

  1468. 

  1469. 	} else {
    1470. 

  1470. 		if (sizeof(eocd) != php_stream_write(pass.filefp, (char *)&eocd, sizeof(eocd))) {
    1471. 

  1471. 			if (error) {
    1472. 

  1472. 				spprintf(error, 4096, "phar zip flush of \"%s\" failed: unable to write end of central-directory", phar->fname);
    1473. 

  1473. 			}
    1474. 

  1474. 			goto nocentralerror;
    1475. 

  1475. 		}
    1476. 

  1476. 	}
    1477. 

  1477. 

  1478. 	if (phar->fp && pass.free_fp) {
    1479. 

  1479. 		php_stream_close(phar->fp);
    1480. 

  1480. 	}
    1481. 

  1481. 

  1482. 	if (phar->ufp) {
    1483. 

  1483. 		if (pass.free_ufp) {
    1484. 

  1484. 			php_stream_close(phar->ufp);
    1485. 

  1485. 		}
    1486. 

  1486. 		phar->ufp = NULL;
    1487. 

  1487. 	}
    1488. 

  1488. 

  1489. 	/* re-open */
    1490. 

  1490. 	phar->is_brandnew = 0;
    1491. 

  1491. 

  1492. 	if (phar->donotflush) {
    1493. 

  1493. 		/* deferred flush */
    1494. 

  1494. 		phar->fp = pass.filefp;
    1495. 

  1495. 	} else {
    1496. 

  1496. 		phar->fp = php_stream_open_wrapper(phar->fname, "w+b", IGNORE_URL|STREAM_MUST_SEEK|REPORT_ERRORS, NULL);
    1497. 

  1497. 		if (!phar->fp) {
    1498. 

  1498. 			if (closeoldfile) {
    1499. 

  1499. 				php_stream_close(oldfile);
    1500. 

  1500. 			}
    1501. 

  1501. 			phar->fp = pass.filefp;
    1502. 

  1502. 			if (error) {
    1503. 

  1503. 				spprintf(error, 4096, "unable to open new phar \"%s\" for writing", phar->fname);
    1504. 

  1504. 			}
    1505. 

  1505. 			return EOF;
    1506. 

  1506. 		}
    1507. 

  1507. 		php_stream_rewind(pass.filefp);
    1508. 

  1508. 		phar_stream_copy_to_stream(pass.filefp, phar->fp, PHP_STREAM_COPY_ALL, NULL);
    1509. 

  1509. 		/* we could also reopen the file in "rb" mode but there is no need for that */
    1510. 

  1510. 		php_stream_close(pass.filefp);
    1511. 

  1511. 	}
    1512. 

  1512. 

  1513. 	if (closeoldfile) {
    1514. 

  1514. 		php_stream_close(oldfile);
    1515. 

  1515. 	}
    1516. 

  1516. 	return EOF;
    1517. 

  1517. }
    1518. 

  1518. /* }}} */
    1519. 

  1519. 

  1520. /*
    1521. 

  1521.  * Local variables:
    1522. 

  1522.  * tab-width: 4
    1523. 

  1523.  * c-basic-offset: 4
    1524. 

  1524.  * End:
    1525. 

  1525.  * vim600: noet sw=4 ts=4 fdm=marker
    1526. 

  1526.  * vim<600: noet sw=4 ts=4
    1527. 

  1527.  */
    1528. 

  1528.