From d387bf5e958e9d25a7192d1f5e5280ac0eb82da7 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 18 Mar 2015 20:27:10 +0100 Subject: correct error checking for bz2 file reading The code reading .bz2 compressed files did not correctly check for possible read errors. In case of a corrupted file this could have led to an infinite loop. Thanks to Filippo Cavallarin from www.segment.technology for dicovering this bug. --- inc/io.php | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'inc') diff --git a/inc/io.php b/inc/io.php index 3ed227162..0636a4b62 100644 --- a/inc/io.php +++ b/inc/io.php @@ -101,7 +101,7 @@ function _io_readWikiPage_action($data) { * * @param string $file filename * @param bool $clean - * @return string + * @return string|bool the file contents or false on error */ function io_readFile($file,$clean=true){ $ret = ''; @@ -114,7 +114,7 @@ function io_readFile($file,$clean=true){ $ret = file_get_contents($file); } } - if($clean){ + if($ret !== false && $clean){ return cleanText($ret); }else{ return $ret; @@ -124,22 +124,28 @@ function io_readFile($file,$clean=true){ * Returns the content of a .bz2 compressed file as string * * @author marcel senf + * @author Andreas Gohr * * @param string $file filename - * @return string content + * @return string|bool content or false on error */ function bzfile($file){ $bz = bzopen($file,"r"); + if($bz === false) return false; + $str = ''; while (!feof($bz)){ //8192 seems to be the maximum buffersize? - $str = $str . bzread($bz,8192); + $buffer = bzread($bz,8192); + if(($buffer === false) || (bzerrno($bz) !== 0)) { + return false; + } + $str = $str . $buffer; } bzclose($bz); return $str; } - /** * Used to write out a DokuWiki page to file, and send IO_WIKIPAGE_WRITE events. * -- cgit v1.2.3