|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76592 Incorrect buffer_size calculation with streams
Submitted: 2018-07-06 23:58 UTC Modified: 2020-10-11 18:20 UTC
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: magrodriguez93 at gmail dot com Assigned: cataphract (profile)
Status: Closed Package: rar (PECL)
PHP Version: Irrelevant OS: Debian 4.16.16-2
Private report: No CVE-ID: None
 [2018-07-06 23:58 UTC] magrodriguez93 at gmail dot com
Whenever the unpacked size of a file is greater than RAR_CHUNK_BUFFER_SIZE only RAR_CHUNK_BUFFER_SIZE bytes are allocated for the stream, resulting in incomplete reads.

Generate a random 10MB file and add it to a RAR archive.

dd if=/dev/urandom of=test.dat bs=1M count=10 && rar a test.rar test.dat

Test script:
$rar = \RarArchive::open('test.rar');
if ($rar === false)
    die('Unable to open archive.');

$entry = $rar->getEntry('test.dat');
if ($entry === false)
    die('Unable to get entry.');

$contents = stream_get_contents($entry->getStream(), $entry->getUnpackedSize());
$expectedCRC = $entry->getCrc();
$actualCRC = dechex(crc32($contents));

if ($expectedCRC !== $actualCRC)
    die('CRC values do not match.');

die('All ok.');

Expected result:
The CRC values should match.

Actual result:
The CRC values do not match whenever the unpacked size is greater than RAR_CHUNK_BUFFER_SIZE.


Fix-incorrect-buffer_size-calculation-with-streams (last revision 2018-07-06 23:58 UTC by magrodriguez93 at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2018-07-07 00:06 UTC] magrodriguez93 at gmail dot com
I believe this will also fix as the number of read bytes matches what I was getting and the expected number was greater than RAR_CHUNK_BUFFER_SIZE.
 [2020-10-11 18:20 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: cataphract
 [2020-10-11 18:20 UTC]
Fixed in 4.1.0, although with a different patch.
 [2020-10-11 18:20 UTC]
Fixed in 4.1.0, although with a different patch.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Feb 24 12:01:27 2024 UTC