PHP :: Bug #49072 :: feof never returns true for damaged file in zip

Bug #49072	feof never returns true for damaged file in zip
Submitted:	2009-07-27 11:47 UTC	Modified:	2011-02-07 16:21 UTC
From:	TorokAlpar at Gmail dot com	Assigned:	cataphract (profile)
Status:	Closed	Package:	Zip Related
PHP Version:	5.3.0	OS:	Windows Xp, Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2009-07-27 11:47 UTC] TorokAlpar at Gmail dot com

Description:
------------
Opening a damaged zip archive (7z reports CRC failed for the faulty file), feof never return true, the script blocks, causing high CPU usage. 

Please contact me to get a zip that produces this problem. I don't see how can i attach it here

Reproduce code:
---------------
$o = new ZipArchive();
if (! $o->open('test.zip',ZipArchive::CHECKCONS)) {
	exit ('error can\'t open');
}
$o->getStream('file2'); // this file is ok
echo "OK";
$r = $o->getStream('file1'); // this file has a wrong crc
while (! feof($r)) {
	fread($r,1024);
}
echo "never here\n";


Expected result:
----------------
The script either reads the file ignoring the crc error, or reports the error, but finishes.  

Actual result:
--------------
the script  never ends, and uses up the CPU

Patches

zip_stream_errors_reported.patch (last revision 2011-02-01 12:20 UTC by rquadling@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-07-27 12:39 UTC] pajoye@php.net

Please send me the archive you used to reproduce this problem.

[2009-08-11 15:12 UTC] svn@php.net

Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=287095
Log: - fixed bug #49072, feof never returns true for damaged file in zip

[2009-08-11 17:11 UTC] svn@php.net

Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=287102
Log: - merge fix for php bug #49072

[2009-08-12 08:36 UTC] pajoye@php.net

Fixed in the pecl release 1.10.2 and patch applied to all branches (will be in php 5.2.11 and 5.3.1).

[2011-02-01 13:19 UTC] rquadling@php.net

-Assigned To: +Assigned To: rquadling

[2011-02-01 13:19 UTC] rquadling@php.net

The test http://svn.php.net/viewvc/php/php-src/trunk/ext/zip/tests/bug49072.phpt is currently failing.

From what I can tell, the reason for the failure is that the when processing (http://svn.php.net/viewvc/php/php-src/trunk/ext/zip/zip_stream.c?view=annotate#l31), the return type from zip_fread (line 37) is cast to size_t.

This is, at the most basic, an unsigned type. So, when comparing (n < 0), this will always be false.

And so any errors recording during the zip_fread() call will fail to be passed on.

Removing the casting and having n as type int, allows the test to pass and the appropriate error is generated.

Patch attached.

[2011-02-01 13:20 UTC] rquadling@php.net

The following patch has been added/updated:

Patch Name: zip_stream_errors_reported.patch
Revision:   1296562807
URL:        http://bugs.php.net/patch-display.php?bug=49072&patch=zip_stream_errors_reported.patch&revision=1296562807

[2011-02-01 13:22 UTC] rquadling@php.net

-Status: Closed +Status: Re-Opened -Assigned To: rquadling +Assigned To:

[2011-02-01 13:22 UTC] rquadling@php.net

Unassigned from me as I don't have karma.

[2011-02-01 14:59 UTC] cataphract@php.net

-Assigned To: +Assigned To: cataphract

[2011-02-01 15:43 UTC] cataphract@php.net

Automatic comment from SVN on behalf of cataphract
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=307916
Log: - Fixed bug #49072 (feof never returns true for damaged file in zip).

[2011-02-01 15:44 UTC] cataphract@php.net

Automatic comment from SVN on behalf of cataphract
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=307917
Log: - Fixed bug #49072 (feof never returns true for damaged file in zip).

[2011-02-01 15:44 UTC] cataphract@php.net

-Status: Re-Opened +Status: Closed

[2011-02-07 16:12 UTC] pajoye@php.net

-Status: Closed +Status: Assigned

[2011-02-07 16:12 UTC] pajoye@php.net

Test fails here:

001+ 
001- Warning: fread(): Zip stream error: CRC error in %s on line %d

[2011-02-07 16:13 UTC] pajoye@php.net

Test for this bug fail here (5.3/trunk):

001+ 
001- Warning: fread(): Zip stream error: CRC error in %s on line %d

[2011-02-07 16:21 UTC] pajoye@php.net

-Status: Assigned +Status: Closed

[2011-02-07 16:21 UTC] pajoye@php.net

Wrong build, test passes just fine

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Oct 24 22:00:02 2025 UTC