Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives

The default encoding of filenames in a ZIP archive is IBM Code Page
437. Phar, however, only supports UTF-8 filenames. Th

Fix #70091: Phar does not mark UTF-8 filenames in ZIP archives

The default encoding of filenames in a ZIP archive is IBM Code Page
437. Phar, however, only supports UTF-8 filenames. Therefore we have
to mark filenames as being stored in UTF-8 by setting the general
purpose bit 11 (the language encoding flag).

The effect of not setting this bit for non ASCII filenames can be seen
in popular tools like 7-Zip and UnZip, but not when extracting the
archives via ext/phar (which is agnostic to the filename encoding), or
via ext/zip (which guesses the encoding). Thus we add a somewhat
brittle low-level test case.

Closes GH-6630.

show more ...

Fix #77565: Incorrect locator detection in ZIP-based phars

We must not assume that the first end of central dir signature in a ZIP
archive actually designates the end of central director

Fix #77565: Incorrect locator detection in ZIP-based phars

We must not assume that the first end of central dir signature in a ZIP
archive actually designates the end of central directory record, since
the data in the archive may contain arbitrary byte patterns. Thus, we
better search from the end of the data, what is also slightly more
efficient.

There is, however, no way to detect the end of central directory
signature by searching from the end of the ZIP archive with absolute
certainty, since the signature could be part of the trailing comment.
To mitigate, we check that the comment length fits to the found
position, but that might still not be the correct position in rare
cases.

Closes GH-6507.

show more ...

Fix #73809: Phar Zip parse crash - mmap fail

Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL

Fix #73809: Phar Zip parse crash - mmap fail

Phar signatures practically are of limited size; for the MD5 and SHA
hashes the size is fixed (at most 64 bytes for SHA512); for OpenSSL
public keys there is no size limit in theory, but "64 KiB ought to be
good enough for anybody". So we check for that limit, to avoid fatal
errors due to out of memory conditions.

Since it is neither possible to have the signature compressed in the
ZIP archive, nor is it possible to manually add a signature via Phar,
we use ZipArchive to create a suitable archive for the test on the fly.

Closes GH-6474.

show more ...

Fix #79797: Use of freed hash key in the phar_parse_zipfile function

We must not use heap memory after we freed it.

Fix #79797: Use of freed hash key in the phar_parse_zipfile function

We must not use heap memory after we freed it.

Fix build warnings

- switch from strncpy to memcpy for -Wstringop-truncation

Phar: Avoid negative zip dates

The zip date/time encoding format is incredibly stupid.

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
info

Update and fix remaining year ranges (2019)

This patch follows previous license year ranges updates. With new
approach source code files now have simplified headers with license
information without year ranges.

show more ...

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly

Remove local variables

This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.

A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.

This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.

With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.

Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.

show more ...

Use HT_IS_INITIALIZED() and HT_INVALIDATE() macros instead of hackish HT_FLAGS assumtions.

Use zval_ptr_dtor() imstead of zval_dtor()

Removed "dead" code (zend_hash_update() never fails)

Use zend_string_release_ex() instread of zend_string_release() in places, where we sure about string persistence.

Move to unsigned types in phar

Preventing integer overflows in principle, which allows to avoid additional
range checks. The phar format is based on 32-bit lengths, so the storage
si

Move to unsigned types in phar

Preventing integer overflows in principle, which allows to avoid additional
range checks. The phar format is based on 32-bit lengths, so the storage
sizes was kept same.

show more ...

Access HashTable.u.flags through HT_FLAGS() macro.

year++

year++

year++

Kill compiler warnings in ext/phar

Update copyright headers to 2017

Update copyright headers to 2017

Update copyright headers to 2017

Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile

Fix bug #72928 - Out of bound when verify signature of zip phar in phar_parse_zipfile

(cherry picked from commit 19484ab77466f99c78fc0e677f7e03da0584d6a2)

fix double free