diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2016-03-30 23:29:26 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2016-04-01 09:16:47 +0200 |
| commit | 43579e784f85f244c24553b6cac01946ab4d96f2 (patch) | |
| tree | 5bb83d7ab4c1fba07a53ddb0b6112e9f70b7a896 /lib | |
| parent | 193a33a8ada641bb83f789da14b87f29230e0e3a (diff) | |
| download | nextcloud-server-43579e784f85f244c24553b6cac01946ab4d96f2.tar.gz nextcloud-server-43579e784f85f244c24553b6cac01946ab4d96f2.zip | |
Properly handle return values of OC_App::getAppInfo()
* fixes #23668
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/app.php | 15 | ||||
| -rw-r--r-- | lib/private/installer.php | 3 | ||||
| -rw-r--r-- | lib/public/app.php | 2 |
3 files changed, 19 insertions, 1 deletions
diff --git a/lib/private/app.php b/lib/private/app.php index 7917c1c0c01..5d0909de2a5 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -207,6 +207,9 @@ class OC_App { */ public static function setAppTypes($app) { $appData = self::getAppInfo($app); + if(!is_array($appData)) { + return; + } if (isset($appData['types'])) { $appTypes = implode(',', $appData['types']); @@ -788,6 +791,10 @@ class OC_App { if (array_search($app, $blacklist) === false) { $info = OC_App::getAppInfo($app); + if (!is_array($info)) { + \OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', \OCP\Util::ERROR); + continue; + } if (!isset($info['name'])) { \OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', \OCP\Util::ERROR); @@ -1086,6 +1093,14 @@ class OC_App { if ($app !== false) { // check if the app is compatible with this version of ownCloud $info = self::getAppInfo($app); + if(!is_array($info)) { + throw new \Exception( + $l->t('App "%s" cannot be installed because appinfo file cannot be read.', + [$info['name']] + ) + ); + } + $version = \OCP\Util::getVersion(); if (!self::isAppCompatible($version, $info)) { throw new \Exception( diff --git a/lib/private/installer.php b/lib/private/installer.php index b238d141a0f..fca9fce23ef 100644 --- a/lib/private/installer.php +++ b/lib/private/installer.php @@ -342,6 +342,9 @@ class OC_Installer{ } $info = OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true); + if(!is_array($info)) { + throw new \Exception($l->t('App cannot be installed because appinfo file cannot be read.')); + } // We can't trust the parsed info.xml file as it may have been tampered // with by an attacker and thus we need to use the local data to check diff --git a/lib/public/app.php b/lib/public/app.php index e25f025d12d..41e4a7cbd61 100644 --- a/lib/public/app.php +++ b/lib/public/app.php @@ -112,7 +112,7 @@ class App { * Read app metadata from the info.xml file * @param string $app id of the app or the path of the info.xml file * @param boolean $path (optional) - * @return array + * @return array|null * @since 4.0.0 */ public static function getAppInfo( $app, $path=false ) { |