Fixed bug #64931

phar_add_file is too restrive on filename

Check for any of '/', '\\', '\0' after ".phar".

NEWS

@@ -42,6 +42,7 @@ PHP                                                                        NEWS
 - Phar:
   . Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
     (Mike)
+  . Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)
   . Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)
   . Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing 
     ".tar"). (Mike)

ext/phar/phar_object.c

@@ -3622,7 +3622,7 @@ static void phar_add_file(phar_archive_data **pphar, char *filename, int filenam
 	phar_entry_data *data;
 	php_stream *contents_file;
 
-	if (filename_len >= sizeof(".phar")-1 && !memcmp(filename, ".phar", sizeof(".phar")-1)) {
+	if (filename_len >= sizeof(".phar")-1 && !memcmp(filename, ".phar", sizeof(".phar")-1) && (filename[5] == '/' || filename[5] == '\\' || filename[5] == '\0')) {
 		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Cannot create any files in magic \".phar\" directory", (*pphar)->fname);
 		return;
 	}

ext/phar/tests/bug64931/bug64931.phpt

@@ -0,0 +1,58 @@
+--TEST--
+Bug #64931 (phar_add_file is too restrictive on filename)
+--SKIPIF--
+<?php extension_loaded("phar") or die("skip need ext/phar support"); ?>
+--INI--
+phar.readonly=0
+--FILE--
+<?php 
+
+echo "Test\n";
+
+@unlink(__DIR__."/bug64931.phar");
+$phar = new Phar(__DIR__."/bug64931.phar");
+$phar->addFile(__DIR__."/src/.pharignore", ".pharignore");
+try {
+	$phar->addFile(__DIR__."/src/.pharignore", ".phar/gotcha");
+} catch (Exception $e) {
+	echo "CAUGHT: ". $e->getMessage() ."\n";
+}
+
+try {
+	$phar->addFromString(".phar", "gotcha");
+} catch (Exception $e) {
+	echo "CAUGHT: ". $e->getMessage() ."\n";
+}
+
+try {
+	$phar->addFromString(".phar//", "gotcha");
+} catch (Exception $e) {
+	echo "CAUGHT: ". $e->getMessage() ."\n";
+}
+
+try {
+	$phar->addFromString(".phar\\", "gotcha");
+} catch (Exception $e) {
+	echo "CAUGHT: ". $e->getMessage() ."\n";
+}
+
+try {
+	$phar->addFromString(".phar\0", "gotcha");
+} catch (Exception $e) {
+	echo "CAUGHT: ". $e->getMessage() ."\n";
+}
+
+?>
+===DONE===
+--CLEAN--
+<?php
+@unlink(__DIR__."/bug64931.phar");
+?>
+--EXPECT--
+Test
+CAUGHT: Cannot create any files in magic ".phar" directory
+CAUGHT: Cannot create any files in magic ".phar" directory
+CAUGHT: Cannot create any files in magic ".phar" directory
+CAUGHT: Cannot create any files in magic ".phar" directory
+CAUGHT: Cannot create any files in magic ".phar" directory
+===DONE===

ext/phar/tests/bug64931/src/.pharignore

@@ -0,0 +1,3 @@
+# ignore file
+*.tmp
+*~