php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68787 Incorrect code
Submitted: 2015-01-10 13:23 UTC Modified: 2015-01-25 02:52 UTC
From: bugreports at internot dot info Assigned:
Status: Not a bug Package: PHAR related
PHP Version: master-Git-2015-01-10 (Git) OS: Linux Ubuntu 14.04
Private report: No CVE-ID: None
 [2015-01-10 13:23 UTC] bugreports at internot dot info
Description:
------------
Hi,

In /ext/phar/util.c:



1876                                return FAILURE;
1877                        }
1878#endif
1879                        *signature = (char *) sigbuf;
1880                        *signature_length = siglen;
1881                }
1882                break;
    
1883                default:
1884                        phar->sig_flags = PHAR_SIG_SHA1;
    

1885                case PHAR_SIG_SHA1: {
1886                        unsigned char digest[20];
1887                        PHP_SHA1_CTX  context;
1888
1889                        PHP_SHA1Init(&context);
1890
1891                        while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
1892                                PHP_SHA1Update(&context, buf, sig_len);
1893                        }
1894
1895                        PHP_SHA1Final(digest, &context);
1896                        *signature = estrndup((char *) digest, 20);
1897                        *signature_length = 20;
1898                        break;
1899                }
1900                case PHAR_SIG_MD5: {
1901                        unsigned char digest[16];
1902                        PHP_MD5_CTX   context;
1903
1904                        PHP_MD5Init(&context);
1905
1906                        while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
1907                                PHP_MD5Update(&context, buf, sig_len);
1908                        }
1909
1910                        PHP_MD5Final(digest, &context);
1911                        *signature = estrndup((char *) digest, 16);
1912                        *signature_length = 16;
1913                        break;
1914               



Multiple problems.

1. at L1882, 'break;' breaks out of the whole expression, not just the case that L1881 closes.

2. case PHAR_SIG_SHA1 should be second last, and default should be the last. That would make PHAR_SIG_MD5 the third last.




Thanks,


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-01-25 02:52 UTC] yohgaki@php.net
-Status: Open +Status: Not a bug
 [2015-01-25 02:52 UTC] yohgaki@php.net
http://stackoverflow.com/questions/3110088/switch-statement-must-default-be-the-last-case

Although it may seem strange, this code is valid.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 11:01:27 2024 UTC