Robustness: safer gzinflate/zlib usage

Relates to https://github.com/shaarli/Shaarli/pull/846

PHP's `gzinflate()` fails with an error when being passed an empty string

See:
- https://bugs.php.net/bug.php?id=71395

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
This commit is contained in:
VirtualTam 2017-09-19 22:08:29 +02:00
parent e4325b1517
commit 8c322aaba1

View file

@ -50,7 +50,8 @@ public static function writeFlatDB($file, $content)
/** /**
* Read data from a file containing Shaarli database format content. * Read data from a file containing Shaarli database format content.
* If the file isn't readable or doesn't exists, default data will be returned. *
* If the file isn't readable or doesn't exist, default data will be returned.
* *
* @param string $file File path. * @param string $file File path.
* @param mixed $default The default value to return if the file isn't readable. * @param mixed $default The default value to return if the file isn't readable.
@ -61,16 +62,21 @@ public static function readFlatDB($file, $default = null)
{ {
// Note that gzinflate is faster than gzuncompress. // Note that gzinflate is faster than gzuncompress.
// See: http://www.php.net/manual/en/function.gzdeflate.php#96439 // See: http://www.php.net/manual/en/function.gzdeflate.php#96439
if (is_readable($file)) { if (! is_readable($file)) {
return unserialize( return $default;
gzinflate(
base64_decode(
substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
)
);
} }
return $default; $data = file_get_contents($file);
if ($data == '') {
return $default;
}
return unserialize(
gzinflate(
base64_decode(
substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
)
);
} }
} }