Robustness: safer gzinflate/zlib usage

Relates to https://github.com/shaarli/Shaarli/pull/846

PHP's `gzinflate()` fails with an error when being passed an empty string

See:
- https://bugs.php.net/bug.php?id=71395

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
This commit is contained in:
VirtualTam 2017-09-19 22:08:29 +02:00
parent e4325b1517
commit 8c322aaba1

View file

@ -50,7 +50,8 @@ public static function writeFlatDB($file, $content)
/**
* Read data from a file containing Shaarli database format content.
* If the file isn't readable or doesn't exists, default data will be returned.
*
* If the file isn't readable or doesn't exist, default data will be returned.
*
* @param string $file File path.
* @param mixed $default The default value to return if the file isn't readable.
@ -61,16 +62,21 @@ public static function readFlatDB($file, $default = null)
{
// Note that gzinflate is faster than gzuncompress.
// See: http://www.php.net/manual/en/function.gzdeflate.php#96439
if (is_readable($file)) {
if (! is_readable($file)) {
return $default;
}
$data = file_get_contents($file);
if ($data == '') {
return $default;
}
return unserialize(
gzinflate(
base64_decode(
substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
)
);
}
return $default;
}
}