php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #72412 PharData for archive containing "relative current directory" ( ./ )
Submitted: 2016-06-15 13:24 UTC Modified: 2020-12-08 15:03 UTC
Votes:13
Avg. Score:4.5 ± 0.5
Reproduced:13 of 13 (100.0%)
Same Version:3 (23.1%)
Same OS:7 (53.8%)
From: raphael dot droz at gmail dot com Assigned:
Status: Verified Package: PHAR related
PHP Version: 7.4 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
 [2016-06-15 13:24 UTC] raphael dot droz at gmail dot com 
Description:
------------
When creating a tar archive containing .
Phar seems unable to extract it.
Extracting ./file1 would work, but listing or extracting the whole archive does not seem possible and fail with a Fatal internal error.
This is especially annoying if you don't know in advance the name of the file to extract: in such case the archive is simply unsuitable for Phar.

As seen on IRC, it (july 14th), it does not affect every PHP version.

Maybe related to bug #64884 since some symptoms seem common.

Test script:
---------------
mkdir -p test1;
echo "This is a test file" > test1/file1;
tar czf test1.tar.gz -C test1 .


php -r '$p = new PharData("/tmp/test1.tar.gz"); $p->extractTo("test2");'
cat test2/file1


Expected result:
----------------
This is a test file

Actual result:
--------------
Extraction from phar "/tmp/test1.tar.gz" failed: Cannot extract ".", internal error in Command line code on line 1

# Note that the "test1" directory is created, but empty

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-12-08 15:03 UTC] cmb@php.net
-Status: Open +Status: Verified -PHP Version: 5.6.22 +PHP Version: 7.4
 [2020-12-08 15:03 UTC] cmb@php.net 
This is broken due to the fix for bug #70019 (i.e. as of PHP
5.4.44, 5.5.28 and 5.6.12, respectively).  After calling
virtual_file_ex(), there is an additional check for
`new_state.cwd_length <= 1`[1], whose purpose is not clear to me.
If I remove that check, the tarball could be extracted if
$overwrite was true; otherwise the extraction of `.` fails because
the directory already exists.

[1] <https://github.com/php/php-src/blob/php-7.4.13/ext/phar/phar_object.c#L4164-L4165>
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jun 15 02:01:32 2025 UTC