Patch cleanup for 5.6.5

Binary diff removed

From bf58162ddf970f63502837f366930e44d6a992cf Mon Sep 17 00:00:00 2001

From: Stanislav Malyshev <stas@php.net>

Date: Sat, 4 Jul 2015 21:01:50 -0700

Subject: [PATCH] Fix bug #69958 - Segfault in Phar::convertToData on invalid

 file

---

 ext/phar/phar_object.c       |  70 ++++++++++++++++++++++---------------------

 ext/phar/tests/bug69958.phpt |  14 +++++++++

 ext/phar/tests/bug69958.tar  | Bin 0 -> 513 bytes

 3 files changed, 50 insertions(+), 34 deletions(-)

 create mode 100644 ext/phar/tests/bug69958.phpt

 create mode 100644 ext/phar/tests/bug69958.tar

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c

index add1fa0..1184863 100644

--- a/ext/phar/phar_object.c

+++ b/ext/phar/phar_object.c

@@ -2341,7 +2341,9 @@ static zval *phar_convert_to_other(phar_archive_data *source, int convert, char

 		zend_hash_destroy(&(phar->manifest));

 		zend_hash_destroy(&(phar->mounted_dirs));

 		zend_hash_destroy(&(phar->virtual_dirs));

-		php_stream_close(phar->fp);

+		if (phar->fp) {

+			php_stream_close(phar->fp);

+		}

 		efree(phar->fname);

 		efree(phar);

 		return NULL;

From 885edfef0a0eb1016a906d197399f92375a795e4 Mon Sep 17 00:00:00 2001

From: Stanislav Malyshev <stas@php.net>

Date: Mon, 6 Jul 2015 22:58:28 -0700

Subject: [PATCH] Better fix for bug #69958

---

 ext/phar/phar_object.c       | 22 +++++++++++++---------

 ext/phar/tests/bug69958.phpt |  2 ++

 2 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c

index 1184863..8cfe0c8 100644

--- a/ext/phar/phar_object.c

+++ b/ext/phar/phar_object.c

@@ -2019,9 +2019,10 @@ static int phar_copy_file_contents(phar_entry_info *entry, php_stream *fp TSRMLS

 }

 /* }}} */

-static zval *phar_rename_archive(phar_archive_data *phar, char *ext, zend_bool compress TSRMLS_DC) /* {{{ */

+static zval *phar_rename_archive(phar_archive_data **sphar, char *ext, zend_bool compress TSRMLS_DC) /* {{{ */

 {

 	const char *oldname = NULL;

+	phar_archive_data *phar = *sphar;

 	char *oldpath = NULL;

 	char *basename = NULL, *basepath = NULL;

 	char *newname = NULL, *newpath = NULL;

@@ -2129,6 +2130,7 @@ static zval *phar_rename_archive(phar_archive_data *phar, char *ext, zend_bool c

 				phar->fp = NULL;

 				phar_destroy_phar_data(phar TSRMLS_CC);

 				phar = *pphar;

+				*sphar = NULL;

 				phar->refcount++;

 				newpath = oldpath;

 				goto its_ok;

@@ -2335,17 +2337,19 @@ static zval *phar_convert_to_other(phar_archive_data *source, int convert, char

 		phar_add_virtual_dirs(phar, newentry.filename, newentry.filename_len TSRMLS_CC);

 	}

-	if ((ret = phar_rename_archive(phar, ext, 0 TSRMLS_CC))) {

+	if ((ret = phar_rename_archive(&phar, ext, 0 TSRMLS_CC))) {

 		return ret;

 	} else {

-		zend_hash_destroy(&(phar->manifest));

-		zend_hash_destroy(&(phar->mounted_dirs));

-		zend_hash_destroy(&(phar->virtual_dirs));

-		if (phar->fp) {

-			php_stream_close(phar->fp);

+		if(phar != NULL) {

+			zend_hash_destroy(&(phar->manifest));

+			zend_hash_destroy(&(phar->mounted_dirs));

+			zend_hash_destroy(&(phar->virtual_dirs));

+			if (phar->fp) {

+				php_stream_close(phar->fp);

+			}

+			efree(phar->fname);

+			efree(phar);

 		}

-		efree(phar->fname);

-		efree(phar);

 		return NULL;

 	}

 }