private function PharExtensionInterceptor::baseFileContainsPharExtension in Drupal 8
Same name and namespace in other branches
- 7 misc/typo3/drupal-security/PharExtensionInterceptor.php \Drupal\Core\Security\PharExtensionInterceptor::baseFileContainsPharExtension()
- 9 core/lib/Drupal/Core/Security/PharExtensionInterceptor.php \Drupal\Core\Security\PharExtensionInterceptor::baseFileContainsPharExtension()
Determines if a path has a .phar extension or invoked execution.
Parameters
string $path: The path of the phar file to check.
Return value
bool TRUE if the file has a .phar extension or if the execution has been invoked by the phar file.
1 call to PharExtensionInterceptor::baseFileContainsPharExtension()
- PharExtensionInterceptor::assert in core/
lib/ Drupal/ Core/ Security/ PharExtensionInterceptor.php - Determines whether phar file is allowed to execute.
File
- core/
lib/ Drupal/ Core/ Security/ PharExtensionInterceptor.php, line 57
Class
- PharExtensionInterceptor
- An alternate PharExtensionInterceptor to support phar-based CLI tools.
Namespace
Drupal\Core\SecurityCode
private function baseFileContainsPharExtension($path) {
$baseFile = Helper::determineBaseFile($path);
if ($baseFile === NULL) {
return FALSE;
}
// If the stream wrapper is registered by invoking a phar file that does
// not have .phar extension then this should be allowed. For example, some
// CLI tools recommend removing the extension.
$backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
// Find the last entry in the backtrace containing a 'file' key as
// sometimes the last caller is executed outside the scope of a file. For
// example, this occurs with shutdown functions.
do {
$caller = array_pop($backtrace);
} while (empty($caller['file']) && !empty($backtrace));
if (isset($caller['file']) && $baseFile === Helper::determineBaseFile($caller['file'])) {
return TRUE;
}
$fileExtension = pathinfo($baseFile, PATHINFO_EXTENSION);
return strtolower($fileExtension) === 'phar';
}