diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2016-03-30 23:29:26 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2016-03-30 23:29:26 +0200 |
| commit | f5beeec833ff500b9c5072728338d372820e903c (patch) | |
| tree | a0714981840aece7d65ccc6b6de8ebc05e4f5058 /lib | |
| parent | 00c9974d945f7d50d7d10d7de5fc5a16f4d7421e (diff) | |
| download | nextcloud-server-f5beeec833ff500b9c5072728338d372820e903c.tar.gz nextcloud-server-f5beeec833ff500b9c5072728338d372820e903c.zip | |
Properly handle return values of OC_App::getAppInfo()
* fixes #23668
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/app.php | 15 | ||||
| -rw-r--r-- | lib/private/installer.php | 3 | ||||
| -rw-r--r-- | lib/public/app.php | 2 |
3 files changed, 19 insertions, 1 deletions
diff --git a/lib/private/app.php b/lib/private/app.php index 3b8cbba3898..05d220f7d38 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -207,6 +207,9 @@ class OC_App { */ public static function setAppTypes($app) { $appData = self::getAppInfo($app); + if(!is_array($appData)) { + return; + } if (isset($appData['types'])) { $appTypes = implode(',', $appData['types']); @@ -783,6 +786,10 @@ class OC_App { if (array_search($app, $blacklist) === false) { $info = OC_App::getAppInfo($app); + if (!is_array($info)) { + \OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', \OCP\Util::ERROR); + continue; + } if (!isset($info['name'])) { \OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', \OCP\Util::ERROR); @@ -1081,6 +1088,14 @@ class OC_App { if ($app !== false) { // check if the app is compatible with this version of ownCloud $info = self::getAppInfo($app); + if(!is_array($info)) { + throw new \Exception( + $l->t('App "%s" cannot be installed because appinfo file cannot be read.', + [$info['name']] + ) + ); + } + $version = \OCP\Util::getVersion(); if (!self::isAppCompatible($version, $info)) { throw new \Exception( diff --git a/lib/private/installer.php b/lib/private/installer.php index c026383e26e..421e281e56b 100644 --- a/lib/private/installer.php +++ b/lib/private/installer.php @@ -342,6 +342,9 @@ class OC_Installer{ } $info = OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true); + if(!is_array($info)) { + throw new \Exception($l->t('App cannot be installed because appinfo file cannot be read.')); + } // We can't trust the parsed info.xml file as it may have been tampered // with by an attacker and thus we need to use the local data to check diff --git a/lib/public/app.php b/lib/public/app.php index 032116eb43f..c3ba90cea41 100644 --- a/lib/public/app.php +++ b/lib/public/app.php @@ -112,7 +112,7 @@ class App { * Read app metadata from the info.xml file * @param string $app id of the app or the path of the info.xml file * @param boolean $path (optional) - * @return array + * @return array|null * @since 4.0.0 */ public static function getAppInfo( $app, $path=false ) { |