Bug #44055 wrong default cast for offset used in fseek
Submitted: 2008-02-05 21:32 UTC Modified: 2008-07-31 10:25 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: vadim at vadiaz dot com Assigned: pajoye (profile)
Status: Not a bug Package: Zip Related
PHP Version: 5.2.6 OS: Linux x86_64
Private report: No CVE-ID: None
 [2008-02-05 21:32 UTC] vadim at vadiaz dot com
Description:
------------
zip extension failed to open zip files with thousands of files in the root directory on 64-bit Linux systems. From strace I saw that fseek gets a value close to max_long.
After reviewing the code I figured out that it is caused by a wrong default type cast in php-5.2.5/ext/zip/lib/zip_open.c:313

fseek(fp, -(cd->size+cd->comment_len+EOCDLEN), SEEK_END);

which should be:

fseek(fp, -((long)(cd->size+cd->comment_len+EOCDLEN)), SEEK_END);

because on 64-bit systems long is 8 bytes.
I applied the following patch and rebuilt the rpms for my CentOS 5 from scratch, which solves the problem

--- php-5.2.5/ext/zip/lib/zip_open.c.seek_error 2008-02-05 22:05:03.000000000 +0200                                                                          
+++ php-5.2.5/ext/zip/lib/zip_open.c    2008-02-05 23:17:05.000000000 +0200                                                                                  
@@ -313,7 +313,7 @@                                                                                                                                          
        /* go to start of cdir and read it entry by entry */                                                                                                 
        bufp = NULL;                                                                                                                                         
        clearerr(fp);                                                                                                                                        
-       fseek(fp, -(cd->size+cd->comment_len+EOCDLEN), SEEK_END);                                                                                            
+       fseek(fp, -((long)(cd->size+cd->comment_len+EOCDLEN)), SEEK_END);                                                                                    
        if (ferror(fp) || ((unsigned int)ftell(fp) != cd->offset)) {                                                                                         
            /* seek error or offset of cdir wrong */                                                                                                         
            if (ferror(fp))                         
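Review bot: On the changed fseek line the cast to long is applied only after cd->size+cd->comment_len+EOCDLEN has been summed, so the sum can still wrap in the operands' own type before it is widened, and the return value of fseek is still not checked. Consider widening the first operand before the addition, for example -((long)cd->size + cd->comment_len + EOCDLEN), and rejecting a total that is larger than the file. The context line that follows also casts ftell(fp) to unsigned int, which drops the upper half of a 64-bit long and turns a -1 error return into a large positive value before it is compared with cd->offset.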




Reproduce code:
---------------
<html>
<head>
<title>Test of ZipArchive</title>
</head>
<body>
<?php
ini_set('display_errors','true');
include_once "/home/httpd/includes/general/zip0stream.php";

include "zip0://testSite.zip/f1/tst.php";

?>
</body>
</html>


Expected result:
----------------
<html>
<head>
<title>Test of ZipArchive</title>
</head>
<body>
<center><h1>ZipArchive works Ok</h1></center></body>
</html>


Actual result:
--------------
can not open stream 'zip0://testSite.zip/f1/tst.php'
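
The sign behaviour described in the report above, as an added example that is not part of the original report or of the zip extension's code. It assumes the size fields are 32-bit unsigned (the struct is not shown on the page) and uses int64_t to model long on Linux x86_64; the struct, the function names and the bounds-checked variant are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define EOCDLEN 22u  /* fixed part of the ZIP end-of-central-directory record */

/* Assumed layout: 32-bit unsigned fields (hypothetical stand-in for the cdir struct). */
struct cdir_sizes {
    uint32_t size;         /* central directory size in bytes */
    uint32_t comment_len;  /* archive comment length in bytes */
};

/* Unpatched expression: the negation is done in 32-bit unsigned arithmetic,
 * so it wraps to 2^32 - n and only then is widened to the 64-bit offset. */
int64_t seek_offset_unpatched(const struct cdir_sizes *cd)
{
    return -(cd->size + cd->comment_len + EOCDLEN);
}

/* Expression from the report's patch: widen first, then negate.
 * The sum itself is still computed in 32 bits and can wrap. */
int64_t seek_offset_patched(const struct cdir_sizes *cd)
{
    return -((int64_t)(cd->size + cd->comment_len + EOCDLEN));
}

/* Bounds-checked variant: widen before adding so the sum cannot wrap, and
 * refuse a central directory that claims to be larger than the file.
 * Returns 0 and stores the offset in *out, or -1 if the sizes are inconsistent. */
int seek_offset_checked(const struct cdir_sizes *cd, int64_t file_len, int64_t *out)
{
    int64_t n = (int64_t)cd->size + cd->comment_len + EOCDLEN;
    if (file_len < 0 || n > file_len)
        return -1;
    *out = -n;
    return 0;
}

int main(void)
{
    struct cdir_sizes cd = { 100000u, 0u };  /* constructed sample values */
    int64_t off = 0;
    printf("unpatched: %lld\n", (long long)seek_offset_unpatched(&cd));
    printf("patched:   %lld\n", (long long)seek_offset_patched(&cd));
    if (seek_offset_checked(&cd, 200000, &off) == 0)
        printf("checked:   %lld\n", (long long)off);
    return 0;
}
```

On a 32-bit long the unpatched value is converted back to a negative number, which is why the failure only showed up on 64-bit systems.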

 [2008-02-05 22:49 UTC] pajoye@php.net
Duplicated, it is already reported in pecl:
http://pecl.php.net/bugs/bug.php?id=12965

no need to duplicate it here.
 [2008-07-29 10:37 UTC] vadim at vadiaz dot com
It is not bogus because zip extension is now part of main package
and bug fix was not released in 5.2.6 :(
now I am rebuilding php rpms for all my distributions :(
 [2008-07-29 12:47 UTC] pajoye@php.net
"It is not bogus because zip extension is now part of main package
and bug fix was not released in 5.2.6 :( now I am rebuilding php rpms for all my distributions :("

It is bogus as it is duplicated. Zip is released both in pecl and with the core distribution. An update for PECL is planned after 5.3.0-alpha1 or alpha2. This update works for 5.2.x as well. Almost all Linux distros use PECL as mainstream releases.

Btw, the fix is in CVS already.
 [2008-07-31 10:03 UTC] vadim at vadiaz dot com
RedHat, CentOS, Fedora, etc. have the zip extension in the core package; also, if you download the source from php.net (current is 5.2.6) you will get it with the unpatched zip extension
 [2008-07-31 10:25 UTC] pajoye@php.net
They are all redhat based, no wonder. The fix can't make it in 5.2.x.
 
Last updated: Sun May 26 05:01:26 2019 UTC