Merge branch 'support/2.7' into develop

# Conflicts: # README.md # composer.json # composer.lock # core/cmdbsource.class.inc.php # core/dbobject.class.php # datamodels/2.x/combodo-db-tools/db_analyzer.class.inc.php # datamodels/2.x/combodo-db-tools/dbtools.php # datamodels/2.x/combodo-db-tools/dictionaries/zh_cn.dict.combodo-db-tools.php # datamodels/2.x/itop-attachments/dictionaries/zh_cn.dict.itop-attachments.php # datamodels/2.x/itop-core-update/dictionaries/zh_cn.dict.itop-core-update.php # dictionaries/zh_cn.dictionary.itop.core.php # dictionaries/zh_cn.dictionary.itop.ui.php # lib/composer/InstalledVersions.php # lib/composer/autoload_classmap.php # lib/composer/autoload_static.php # lib/composer/installed.php # lib/composer/platform_check.php # pages/ajax.render.php # pages/csvimport.php # setup/ajax.dataloader.php # setup/index.php # setup/setuputils.class.inc.php # test/application/UtilsTest.php
2026-04-28 04:58:46 +02:00 · 2021-06-14 16:19:56 +02:00
parent 51e24a4e35 3a876d5c75
commit d8e2a1cc7c
65 changed files with 3743 additions and 3485 deletions
--- a/lib/pear/archive_tar/Archive/Tar.php
+++ b/lib/pear/archive_tar/Archive/Tar.php
@@ -1397,16 +1397,20 @@ class Archive_Tar extends PEAR

        $v_magic = 'ustar ';
        $v_version = ' ';
+        $v_uname = '';
+        $v_gname = '';

        if (function_exists('posix_getpwuid')) {
            $userinfo = posix_getpwuid($v_info[4]);
            $groupinfo = posix_getgrgid($v_info[5]);

-            $v_uname = $userinfo['name'];
-            $v_gname = $groupinfo['name'];
-        } else {
-            $v_uname = '';
-            $v_gname = '';
+            if (isset($userinfo['name'])) {
+                $v_uname = $userinfo['name'];
+            }
+
+            if (isset($groupinfo['name'])) {
+                $v_gname = $groupinfo['name'];
+            }
        }

        $v_devmajor = '';
@@ -1730,7 +1734,7 @@ class Archive_Tar extends PEAR

        // ----- Extract the properties
        $v_header['filename'] = rtrim($v_data['filename'], "\0");
-        if ($this->_maliciousFilename($v_header['filename'])) {
+        if ($this->_isMaliciousFilename($v_header['filename'])) {
            $this->_error(
                'Malicious .tar detected, file "' . $v_header['filename'] .
                '" will not install in desired directory tree'
@@ -1800,9 +1804,9 @@ class Archive_Tar extends PEAR
     *
     * @return bool
     */
-    private function _maliciousFilename($file)
+    private function _isMaliciousFilename($file)
    {
-        if (strpos($file, 'phar://') === 0) {
+        if (strpos($file, '://') !== false) {
            return true;
        }
        if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
@@ -1838,7 +1842,7 @@ class Archive_Tar extends PEAR

        $v_filename = rtrim(substr($v_filename, 0, $v_filesize), "\0");
        $v_header['filename'] = $v_filename;
-        if ($this->_maliciousFilename($v_filename)) {
+        if ($this->_isMaliciousFilename($v_filename)) {
            $this->_error(
                'Malicious .tar detected, file "' . $v_filename .
                '" will not install in desired directory tree'
@@ -2120,6 +2124,14 @@ class Archive_Tar extends PEAR
                            }
                        }
                    } elseif ($v_header['typeflag'] == "2") {
+                        if (strpos(realpath(dirname($v_header['link'])), realpath($p_path)) !== 0) {
+                            $this->_error(
+                                 'Out-of-path file extraction {'
+                                 . $v_header['filename'] . ' --> ' .
+                                 $v_header['link'] . '}'
+                            );
+                            return false;
+                        }
                        if (!$p_symlinks) {
                            $this->_warning('Symbolic links are not allowed. '
                                . 'Unable to extract {'