php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #52830 PHP hangs on various setups when trying to read from a corrupted ZIP file
Submitted: 2010-09-13 21:47 UTC Modified: 2010-09-14 14:47 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: johannes_schultz at gmx dot de Assigned:
Status: Not a bug Package: Zip Related
PHP Version: Irrelevant OS: Windows, Debian
Private report: No CVE-ID: None
View Developer Edit
 [2010-09-13 21:47 UTC] johannes_schultz at gmx dot de 
Description:
------------
I have a broken ZIP file which makes PHP hang on various setups on both Windows and Linux (Debian):
http://modplug.soonlabel.com/music/1000/1342-The_Mighty_Roofus-Trondheim.mp3.zip
If the CHECKCONS flag is involved, it hangs already when opening the archive, else it will hang when trying to extract the file.



Test script:
---------------
$zipRead = new ZipArchive;
$res = $zipRead->open("1342-The_Mighty_Roofus-Trondheim.mp3.zip", ZipArchive::CHECKCONS); // this will hang PHP


Expected result:
----------------
Returning an error

Actual result:
--------------
PHP hangs

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-09-14 08:12 UTC] aharvey@php.net
-Status: Open +Status: Feedback
 [2010-09-14 08:12 UTC] aharvey@php.net 
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

This sounds like bug #44382, which was fixed some time ago, and I can't reproduce it on a current version of PHP.
 [2010-09-14 13:17 UTC] johannes_schultz at gmx dot de
-Status: Feedback +Status: Open
 [2010-09-14 13:17 UTC] johannes_schultz at gmx dot de 
Seems to work with the current snapshot, thanks. No I wonder when this fix will be available through the Debian update...
 [2010-09-14 13:21 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2010-09-14 13:21 UTC] pajoye@php.net 
Current snapshot or 5.3.3? It should work with 5.3.3 too. Can you try it as well please?
 [2010-09-14 13:22 UTC] johannes_schultz at gmx dot de
-Status: Feedback +Status: Open
 [2010-09-14 13:22 UTC] johannes_schultz at gmx dot de 
I tried 5.3.3, no problems there.
 [2010-09-14 13:23 UTC] pajoye@php.net
-Status: Open +Status: Bogus
 [2010-09-14 13:23 UTC] pajoye@php.net 
Thanks :)

Not a bug, already fixed > bogus.
 [2010-09-14 13:26 UTC] johannes_schultz at gmx dot de 
Is there a way to somehow circumvent this problem on older versions, though? I don't really want to mess around with the server software, even if I can.
 [2010-09-14 13:33 UTC] pajoye@php.net 
You can compile your own zip extension and use it until Debian has updated their package.
 [2010-09-14 14:47 UTC] johannes_schultz at gmx dot de 
Ok, so is there a quick way to _just_ build the zip extension? A quick glance at the "configure" help at least doesn't show a quick way to ignore all other stuff to be built...
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Feb 05 06:01:32 2025 UTC