php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56919 zip_entry_open returns wrong file content
Submitted: 2006-03-27 04:51 UTC Modified: 2006-03-30 08:51 UTC
From: zgryzmonitor at wp dot pl Assigned: pajoye (profile)
Status: Closed Package: zip (PECL)
PHP Version: 5_1 CVS-2006-03-27 OS: Windows
Private report: No CVE-ID: None
 [2006-03-27 04:51 UTC] zgryzmonitor at wp dot pl
Description:
------------
zip_entry_open behaves maliciously when getting content of a binary file, it stops reading on a first 0 character. Changing the dll to 5_1 solved the problem

Reproduce code:
---------------
private function _addEntry($entry, $extension) {
        $buf = zip_entry_read ($entry, zip_entry_filesize($entry));
        $uuid = Util_Uuid::generate();
        $entryPath = $uuid . '.' . $extension;
        file_put_contents($this->_dir . '/' . $entryPath, $buf);
        return $entryPath;
    }


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-03-27 08:39 UTC] pierre dot php at gmail dot com
Which dll are you using?

Can you copy the content of the phpinfo somewhere (only the zip part) or here?
 [2006-03-27 08:44 UTC] pierre dot php at gmail dot com
Which dll are you using?

Can you copy the content of the phpinfo somewhere (only the zip part) or here?
 [2006-03-27 15:25 UTC] zgryzmonitor at wp dot pl
The problem was with dll version 5.1.2, where there were no problems with dll version 5.1 using the same code. I am using php 5.1.2. I will send you my phpinfo from work tomorrow.
Cheers
 [2006-03-27 15:54 UTC] pierre dot php at gmail dot com
Well, it's confusing...

Which *exactly* is causing you troubles?
This one:
http://pecl4win.php.net/download.php/ext/5_1/5.1.2/php_zip.dll

?

Please provide me a script and an Zip archive to reproduce your problem. The script must be self contained, no external data or files but the Zip archive.
 [2006-03-30 08:51 UTC] pierre dot php at gmail dot com
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Dec 02 23:03:35 2021 UTC