[BUGFIX] Only valid package names will be processed. 86/28286/3
authorDaniel Siepmann <daniel.siepmann@typo3.org>
Wed, 12 Mar 2014 10:00:34 +0000 (11:00 +0100)
committerSteffen Ritter <info@rs-websystems.de>
Wed, 12 Mar 2014 11:16:30 +0000 (12:16 +0100)
To prevent the extension manager from further steps while
invalid package keys exists in the system, the package keys are
validated earlier.

This prevents further actions that will lead to rewrite
of PackageState.php and invalid opcode cache.

Change-Id: Ib8d9f25dc1d6c97b94a59b15255b96d5a1960093
Resolves: #56532
Releases: 6.2
Reviewed-on: https://review.typo3.org/28286
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
typo3/sysext/core/Classes/Package/Package.php
typo3/sysext/core/Classes/Package/PackageManager.php
typo3/sysext/core/Tests/Unit/Package/PackageManagerTest.php

index 3c39de7..c2f6e22 100644 (file)
@@ -70,7 +70,7 @@ class Package extends \TYPO3\Flow\Package\Package implements PackageInterface {
         * @throws \TYPO3\Flow\Package\Exception\InvalidPackageManifestException if no composer manifest file could be found
         */
        public function __construct(\TYPO3\Flow\Package\PackageManager $packageManager, $packageKey, $packagePath, $classesPath = NULL, $manifestPath = '') {
-               if (preg_match(self::PATTERN_MATCH_EXTENSIONKEY, $packageKey) !== 1 && preg_match(self::PATTERN_MATCH_PACKAGEKEY, $packageKey) !== 1) {
+               if (!\TYPO3\CMS\Core\Package\PackageManager::isPackageKeyValid($packageKey)) {
                        throw new \TYPO3\Flow\Package\Exception\InvalidPackageKeyException('"' . $packageKey . '" is not a valid package key.', 1217959511);
                }
                if (!(@is_dir($packagePath) || (\TYPO3\Flow\Utility\Files::is_link($packagePath) && is_dir(\TYPO3\Flow\Utility\Files::getNormalizedPath($packagePath))))) {
index e8a0e4a..c2b272d 100644 (file)
@@ -298,6 +298,9 @@ class PackageManager extends \TYPO3\Flow\Package\PackageManager implements \TYPO
                        } catch (\TYPO3\Flow\Package\Exception\MissingPackageManifestException $exception) {
                                $relativePackagePath = substr($packagePath, strlen($packagesBasePath));
                                $packageKey = substr($relativePackagePath, strpos($relativePackagePath, '/') + 1, -1);
+                               if (!$this->isPackageKeyValid($packageKey)) {
+                                       continue;
+                               }
                        } catch (\TYPO3\Flow\Package\Exception\InvalidPackageKeyException $exception) {
                                continue;
                        }
@@ -636,4 +639,15 @@ class PackageManager extends \TYPO3\Flow\Package\PackageManager implements \TYPO
 
                \TYPO3\CMS\Core\Utility\OpcodeCacheUtility::clearAllActive($this->packageStatesPathAndFilename);
        }
+
+       /**
+        * Check the conformance of the given package key
+        *
+        * @param string $packageKey The package key to validate
+        * @return boolean If the package key is valid, returns TRUE otherwise FALSE
+        * @api
+        */
+       public function isPackageKeyValid($packageKey) {
+               return parent::isPackageKeyValid($packageKey) || preg_match(\TYPO3\CMS\Core\Package\Package::PATTERN_MATCH_EXTENSIONKEY, $packageKey) === 1;
+       }
 }
index d817315..106f760 100644 (file)
@@ -345,7 +345,7 @@ class PackageManagerTest extends \TYPO3\CMS\Core\Tests\UnitTestCase {
         */
        public function createPackageThrowsExceptionOnInvalidPackageKey() {
                try {
-                       $this->packageManager->createPackage('Invalid_PackageKey');
+                       $this->packageManager->createPackage('Invalid.PackageKey');
                } catch (\TYPO3\Flow\Package\Exception\InvalidPackageKeyException $exception) {
                }
                $this->assertFalse(is_dir('vfs://Test/Packages/Application/Invalid_PackageKey'), 'Package folder with invalid package key was created');