php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #42181 corrupted bz2-Files
Submitted: 2007-08-02 14:10 UTC Modified: 2007-08-02 19:33 UTC
From: markus dot hoefer at med dot uni-muenchen dot de Assigned:
Status: Not a bug Package: Website problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2007-08-02 14:10 UTC] markus dot hoefer at med dot uni-muenchen dot de 
Description:
------------
I think the source code packages (php-5.2.3.tar.gz and php-5.2.3.tar.bz2) contains corrupted bz2-files in 
ext/bz2/tests/
Corrupted files: 004_1.txt.bz2 an 004_2.txt.bz2

So Virusscanners on Firewalls have problems to scan the .tar.gz and .tar.bz2 Archives and will block the whole archive.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-08-02 15:26 UTC] bjori@php.net 
Which mirror did you use?
 [2007-08-02 15:28 UTC] bjori@php.net 
On second look, this is intentional.
These files are part of the ext/bz2 test suite.
 [2007-08-02 18:21 UTC] markus dot hoefer at med dot uni-muenchen dot de 
Thanks for your quick reply.

The mirror was de2.php.net Speedbone. 

So why tells bzip2 that the files have CRC errors

>/php-5.2.3/ext/bz2/tests # bzip2 -t 004_2.txt.bz2
>bzip2: 004_2.txt.bz2: data integrity (CRC) error in data
>
>You can use the `bzip2recover' program to attempt to recover
>data from undamaged sections of corrupted files.

The problem is, our customers can't download the archive because our virusscanner reclaims the whole file as corrupted.
 [2007-08-02 19:33 UTC] bjori@php.net 
To make sure the bz2 extension in PHP doesn't crash or have any security related problems when dealing with broken bz2 files we have (intentionally) broken bz2 files in the test suite.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Jun 01 12:01:31 2024 UTC