fix bug #67761

Phar::mapPhar fails for Phars inside a path containing ".tar".

Strengthen the silly .tar file extension check.

NEWS

@@ -40,8 +40,10 @@ PHP                                                                        NEWS
   . Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)
 
 - Phar:
-  . Fixed bug 64343 (PharData::extractTo fails for tarball created by BSD tar).
+  . Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
     (Mike)
+  . Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing 
+    ".tar"). (Mike)
 
 - Postgres:
   . Fixed bug #68741 (Null pointer dereference) (CVE-2015-1352). (Laruence)

ext/phar/tar.c

@@ -102,7 +102,7 @@ int phar_is_tar(char *buf, char *fname) /* {{{ */
 	tar_header *header = (tar_header *) buf;
 	php_uint32 checksum = phar_tar_number(header->checksum, sizeof(header->checksum));
 	php_uint32 ret;
-	char save[sizeof(header->checksum)];
+	char save[sizeof(header->checksum)], *bname;
 
 	/* assume that the first filename in a tar won't begin with <?php */
 	if (!strncmp(buf, "<?php", sizeof("<?php")-1)) {
@@ -113,7 +113,10 @@ int phar_is_tar(char *buf, char *fname) /* {{{ */
 	memset(header->checksum, ' ', sizeof(header->checksum));
 	ret = (checksum == phar_tar_checksum(buf, 512));
 	memcpy(header->checksum, save, sizeof(header->checksum));
-	if (!ret && strstr(fname, ".tar")) {
+	if ((bname = strrchr(fname, PHP_DIR_SEPARATOR))) {
+		fname = bname;
+	}
+	if (!ret && (bname = strstr(fname, ".tar")) && (bname[4] == '\0' || bname[4] == '.')) {
 		/* probably a corrupted tar - so we will pretend it is one */
 		return 1;
 	}

ext/phar/tests/tar/bug67761.phpt

@@ -0,0 +1,19 @@
+--TEST--
+Bug #67761 (Phar::mapPhar fails for Phars inside a path containing ".tar")
+--SKIPIF--
+<?php extension_loaded("phar") or die("SKIP need ext/phar suppport"); ?>
+--FILE--
+<?php 
+
+echo "Test\n";
+
+include __DIR__."/files/bug67761.tar/bug67761.phar";
+
+?>
+
+===DONE===
+--EXPECT--
+Test
+#!/usr/bin/env php
+Test
+===DONE===