Only use junctions if they can be safely removed
parent
603fe500f9
commit
6212eadcb0
|
@ -82,6 +82,12 @@ class PathDownloader extends FileDownloader implements VcsCapableDownloaderInter
|
|||
$allowedStrategies = array(self::STRATEGY_MIRROR);
|
||||
}
|
||||
|
||||
// Check we can use junctions safely if we are on Windows
|
||||
if (Platform::isWindows() && self::STRATEGY_SYMLINK === $currentStrategy && !$this->safeJunctions()) {
|
||||
$currentStrategy = self::STRATEGY_MIRROR;
|
||||
$allowedStrategies = array(self::STRATEGY_MIRROR);
|
||||
}
|
||||
|
||||
$fileSystem = new Filesystem();
|
||||
$this->filesystem->removeDirectory($path);
|
||||
|
||||
|
@ -172,4 +178,28 @@ class PathDownloader extends FileDownloader implements VcsCapableDownloaderInter
|
|||
return $packageVersion['commit'];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if junctions can be safely used on Windows
|
||||
*
|
||||
* A PHP bug makes junction detection fragile, leading to possible data loss
|
||||
* when removing a package. See https://bugs.php.net/bug.php?id=77552
|
||||
*
|
||||
* For safety we require a minimum version of Windows 7, so we can call the
|
||||
* system rmdir which can detect junctions and not delete target content.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
private function safeJunctions()
|
||||
{
|
||||
// Bug fixed in 7.3.3 and 7.2.16
|
||||
if (PHP_VERSION_ID >= 70303 || (PHP_VERSION_ID >= 70216 && PHP_VERSION_ID < 70300)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Windows 7 is version 6.1
|
||||
return function_exists('proc_open') &&
|
||||
(PHP_WINDOWS_VERSION_MAJOR > 6 ||
|
||||
(PHP_WINDOWS_VERSION_MAJOR === 6 && PHP_WINDOWS_VERSION_MINOR >= 1));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -650,12 +650,17 @@ class Filesystem
|
|||
*
|
||||
* We test if the path is a directory and not an ordinary link, then check
|
||||
* that the mode value returned from lstat (which gives the status of the
|
||||
* link itself) is not a directory.
|
||||
* link itself) is not a directory, by replicating the POSIX S_ISDIR test.
|
||||
*
|
||||
* This relies on the fact that PHP does not set this value because there is
|
||||
* no universal file type flag for a junction or a mount point. However a
|
||||
* bug in PHP can cause a random value to be returned and this could result
|
||||
* in a junction not being detected: https://bugs.php.net/bug.php?id=77552
|
||||
* This logic works because PHP does not set the mode value for a junction,
|
||||
* since there is no universal file type flag for it. Unfortunately an
|
||||
* uninitialized variable in PHP prior to 7.2.16 and 7.3.3 may cause a
|
||||
* random value to be returned. See https://bugs.php.net/bug.php?id=77552
|
||||
*
|
||||
* If this random value passes the S_ISDIR test, then a junction will not be
|
||||
* detected and a recursive delete operation could lead to loss of data in
|
||||
* the target directory. Note that Windows rmdir can handle this situation
|
||||
* and will only delete the junction (from Windows 7 onwards).
|
||||
*
|
||||
* @param string $junction Path to check.
|
||||
* @return bool
|
||||
|
@ -673,7 +678,7 @@ class Filesystem
|
|||
clearstatcache(true, $junction);
|
||||
$stat = lstat($junction);
|
||||
|
||||
// S_IFDIR is 0x4000, S_IFMT is the 0xF000 bitmask
|
||||
// S_ISDIR test (S_IFDIR is 0x4000, S_IFMT is 0xF000 bitmask)
|
||||
return $stat ? 0x4000 !== ($stat['mode'] & 0xF000) : false;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue