Skip to content

Commit a4acff3

Browse files
alex-scottnikic
authored andcommitted
Fix bug #78138: opcache.validate_permission incorrectly works with PHAR files
opcache incorrectly handles PHAR files when opcache.validate_permission option enabled, because it calls access("phar://path-to/file.phar/path/inside.php", R_OK); rather than access("path-to/file.phar", R_OK)
1 parent 57688ad commit a4acff3

File tree

1 file changed

+24
-1
lines changed

1 file changed

+24
-1
lines changed

ext/opcache/ZendAccelerator.c

Lines changed: 24 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1760,6 +1760,29 @@ zend_op_array *file_cache_compile_file(zend_file_handle *file_handle, int type)
17601760
}
17611761
#endif
17621762

1763+
int check_persistent_script_access(zend_persistent_script *persistent_script)
1764+
{
1765+
char *phar_path, *ptr;
1766+
int ret;
1767+
if ((ZSTR_LEN(persistent_script->script.filename)<sizeof("phar://.phar")) ||
1768+
memcmp(ZSTR_VAL(persistent_script->script.filename), "phar://", sizeof("phar://")-1)) {
1769+
1770+
return access(ZSTR_VAL(persistent_script->script.filename), R_OK) != 0;
1771+
1772+
} else {
1773+
/* we got a cached file from .phar, so we have to strip prefix and path inside .phar to check access() */
1774+
phar_path = estrdup(ZSTR_VAL(persistent_script->script.filename)+sizeof("phar://")-1);
1775+
if ((ptr = strstr(phar_path, ".phar/")) != NULL)
1776+
{
1777+
*(ptr+sizeof(".phar/")-2) = 0; /* strip path inside .phar file */
1778+
}
1779+
ret = access(phar_path, R_OK) != 0;
1780+
efree(phar_path);
1781+
return ret;
1782+
}
1783+
}
1784+
1785+
17631786
/* zend_compile() replacement */
17641787
zend_op_array *persistent_compile_file(zend_file_handle *file_handle, int type)
17651788
{
@@ -1896,7 +1919,7 @@ zend_op_array *persistent_compile_file(zend_file_handle *file_handle, int type)
18961919
if (EXPECTED(persistent_script != NULL) &&
18971920
UNEXPECTED(ZCG(accel_directives).validate_permission) &&
18981921
file_handle->type == ZEND_HANDLE_FILENAME &&
1899-
UNEXPECTED(access(ZSTR_VAL(persistent_script->script.filename), R_OK) != 0)) {
1922+
UNEXPECTED(check_persistent_script_access(persistent_script))) {
19001923
if (type == ZEND_REQUIRE) {
19011924
zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, file_handle->filename);
19021925
zend_bailout();

0 commit comments

Comments
 (0)