bachir/popsu-d7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated core to 7.80

Browse Source
This commit is contained in:
Bachir Soussi Chiadmi
2021-07-12 10:11:08 +02:00
parent 7b1e954f7f
commit 5656f5a68a
236 changed files with 4149 additions and 888 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/system/system.archiver.inc
View File

@@ -38,10 +38,10 @@ class ArchiverTar implements ArchiverInterface {
public function extract($path, Array $files = array()) {
if ($files) {
$this->tar->extractList($files, $path);
$this->tar->extractList($files, $path, '', FALSE, FALSE);
}
else {
$this->tar->extract($path);
$this->tar->extract($path, FALSE, FALSE);
}
return $this;

6
modules/system/system.info
View File

@@ -12,7 +12,7 @@ files[] = system.test
required = TRUE
configure = admin/config/system
; Information added by Drupal.org packaging script on 2019-05-08
version = "7.67"
; Information added by Drupal.org packaging script on 2021-04-21
version = "7.80"
project = "drupal"
datestamp = "1557336079"
datestamp = "1619021862"

14
modules/system/system.install
View File

@@ -3292,6 +3292,20 @@ function system_update_7082() {
// Empty update to force a rebuild of hook_library() and JS aggregates.
}
/**
* Add 'jquery-html-prefilter-3.5.0-backport.js' to the 'jquery' library.
*/
function system_update_7083() {
// Empty update to force a rebuild of hook_library() and JS aggregates.
}
/**
* Rebuild JavaScript aggregates to include 'ajax.js' fix for Chrome 83.
*/
function system_update_7084() {
// Empty update to force a rebuild of JS aggregates.
}
/**
* @} End of "defgroup updates-7.x-extra".
* The next series of updates should start at 8000.

7
modules/system/system.module
View File

@@ -323,6 +323,10 @@ function system_element_info() {
'#group_callback' => 'drupal_group_css',
'#aggregate_callback' => 'drupal_aggregate_css',
);
$types['scripts'] = array(
'#items' => array(),
'#pre_render' => array('drupal_pre_render_scripts'),
);
// Input elements.
$types['submit'] = array(
@@ -1182,9 +1186,10 @@ function system_library() {
'version' => '1.4.4',
'js' => array(
'misc/jquery.js' => array('group' => JS_LIBRARY, 'weight' => -20),
// This includes a security fix, so assign a weight that makes this load
// These include security fixes, so assign a weight that makes them load
// as soon after jquery.js is loaded as possible.
'misc/jquery-extend-3.4.0.js' => array('group' => JS_LIBRARY, 'weight' => -19),
'misc/jquery-html-prefilter-3.5.0-backport.js' => array('group' => JS_LIBRARY, 'weight' => -19),
),
);

171
modules/system/system.tar.inc
View File

@@ -40,35 +40,23 @@
*/
/**
* Note on Drupal 8 porting.
* This file origin is Tar.php, release 1.4.5 (stable) with some code
* from PEAR.php, release 1.10.5 (stable) both at http://pear.php.net.
* Note on Drupal 7 porting.
* This file origin is Tar.php, release 1.4.9 (stable) with some code
* from PEAR.php, release 1.10.10 (stable) both at http://pear.php.net.
* To simplify future porting from pear of this file, you should not
* do cosmetic or other non significant changes to this file.
* The following changes have been done:
* Added namespace Drupal\Core\Archiver.
* Removed require_once 'PEAR.php'.
* Added defintion of OS_WINDOWS taken from PEAR.php.
* Renamed class to ArchiveTar.
* Removed extends PEAR from class.
* Removed call parent:: __construct().
* Changed PEAR::loadExtension($extname) to this->loadExtension($extname).
* Added function loadExtension() taken from PEAR.php.
* Changed all calls of unlink() to drupal_unlink().
* Changed $this->error_object = &$this->raiseError($p_message)
* to throw new \Exception($p_message).
* to throw new Exception($p_message).
*/
/**
* Note on Drupal 7 backporting from Drupal 8.
* File origin is core/lib/Drupal/Core/Archiver/ArchiveTar.php from Drupal 8.
* The following changes have been done:
* Removed namespace Drupal\Core\Archiver.
* Renamed class to Archive_Tar.
* Changed \Exception to Exception.
*/
// Drupal removal require_once 'PEAR.php'.
// Drupal addition OS_WINDOWS as defined in PEAR.php.
@@ -153,6 +141,18 @@ class Archive_Tar
*/
public $error_object = null;
/**
* Format for data extraction
*
* @var string
*/
public $_fmt = '';
/**
* @var int Length of the read buffer in bytes
*/
protected $buffer_length;
/**
* Archive_Tar Class constructor. This flavour of the constructor only
* declare a new Archive_Tar object, identifying it by the name of the
@@ -165,10 +165,11 @@ class Archive_Tar
* parameter indicates if gzip, bz2 or lzma2 compression
* is required. For compatibility reason the
* boolean value 'true' means 'gz'.
* @param int $buffer_length Length of the read buffer in bytes
*
* @return bool
*/
public function __construct($p_tarname, $p_compress = null)
public function __construct($p_tarname, $p_compress = null, $buffer_length = 512)
{
// Drupal removal parent::__construct().
@@ -263,22 +264,23 @@ class Archive_Tar
if (version_compare(PHP_VERSION, "5.5.0-dev") < 0) {
$this->_fmt = "a100filename/a8mode/a8uid/a8gid/a12size/a12mtime/" .
"a8checksum/a1typeflag/a100link/a6magic/a2version/" .
"a32uname/a32gname/a8devmajor/a8devminor/a131prefix";
"a8checksum/a1typeflag/a100link/a6magic/a2version/" .
"a32uname/a32gname/a8devmajor/a8devminor/a131prefix";
} else {
$this->_fmt = "Z100filename/Z8mode/Z8uid/Z8gid/Z12size/Z12mtime/" .
"Z8checksum/Z1typeflag/Z100link/Z6magic/Z2version/" .
"Z32uname/Z32gname/Z8devmajor/Z8devminor/Z131prefix";
"Z8checksum/Z1typeflag/Z100link/Z6magic/Z2version/" .
"Z32uname/Z32gname/Z8devmajor/Z8devminor/Z131prefix";
}
$this->buffer_length = $buffer_length;
}
public function __destruct()
{
$this->_close();
// ----- Look for a local copy to delete
if ($this->_temp_tarname != '') {
if ($this->_temp_tarname != '' && (bool) preg_match('/^tar[[:alnum:]]*\.tmp$/', $this->_temp_tarname)) {
@drupal_unlink($this->_temp_tarname);
}
}
@@ -371,11 +373,12 @@ class Archive_Tar
/**
* @param string $p_path
* @param bool $p_preserve
* @param bool $p_symlinks
* @return bool
*/
public function extract($p_path = '', $p_preserve = false)
public function extract($p_path = '', $p_preserve = false, $p_symlinks = true)
{
return $this->extractModify($p_path, '', $p_preserve);
return $this->extractModify($p_path, '', $p_preserve, $p_symlinks);
}
/**
@@ -616,11 +619,12 @@ class Archive_Tar
* removed if present at the beginning of
* the file/dir path.
* @param boolean $p_preserve Preserve user/group ownership of files
* @param boolean $p_symlinks Allow symlinks.
*
* @return boolean true on success, false on error.
* @see extractList()
*/
public function extractModify($p_path, $p_remove_path, $p_preserve = false)
public function extractModify($p_path, $p_remove_path, $p_preserve = false, $p_symlinks = true)
{
$v_result = true;
$v_list_detail = array();
@@ -632,7 +636,8 @@ class Archive_Tar
"complete",
0,
$p_remove_path,
$p_preserve
$p_preserve,
$p_symlinks
);
$this->_close();
}
@@ -676,11 +681,12 @@ class Archive_Tar
* removed if present at the beginning of
* the file/dir path.
* @param boolean $p_preserve Preserve user/group ownership of files
* @param boolean $p_symlinks Allow symlinks.
*
* @return true on success, false on error.
* @see extractModify()
*/
public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_preserve = false)
public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_preserve = false, $p_symlinks = true)
{
$v_result = true;
$v_list_detail = array();
@@ -701,7 +707,8 @@ class Archive_Tar
"partial",
$v_list,
$p_remove_path,
$p_preserve
$p_preserve,
$p_symlinks
);
$this->_close();
}
@@ -1326,8 +1333,15 @@ class Archive_Tar
return false;
}
while (($v_buffer = fread($v_file, 512)) != '') {
$v_binary_data = pack("a512", "$v_buffer");
while (($v_buffer = fread($v_file, $this->buffer_length)) != '') {
$buffer_length = strlen("$v_buffer");
if ($buffer_length != $this->buffer_length) {
$pack_size = ((int)($buffer_length / 512) + 1) * 512;
$pack_format = sprintf('a%d', $pack_size);
} else {
$pack_format = sprintf('a%d', $this->buffer_length);
}
$v_binary_data = pack($pack_format, "$v_buffer");
$this->_writeBlock($v_binary_data);
}
@@ -1532,7 +1546,8 @@ class Archive_Tar
$p_type = '',
$p_uid = 0,
$p_gid = 0
) {
)
{
$p_filename = $this->_pathReduction($p_filename);
if (strlen($p_filename) > 99) {
@@ -1745,7 +1760,16 @@ class Archive_Tar
}
// ----- Extract the checksum
$v_header['checksum'] = OctDec(trim($v_data['checksum']));
$v_data_checksum = trim($v_data['checksum']);
if (!preg_match('/^[0-7]*$/', $v_data_checksum)) {
$this->_error(
'Invalid checksum for file "' . $v_data['filename']
. '" : ' . $v_data_checksum . ' extracted'
);
return false;
}
$v_header['checksum'] = OctDec($v_data_checksum);
if ($v_header['checksum'] != $v_checksum) {
$v_header['filename'] = '';
@@ -1764,7 +1788,7 @@ class Archive_Tar
// ----- Extract the properties
$v_header['filename'] = rtrim($v_data['filename'], "\0");
if ($this->_maliciousFilename($v_header['filename'])) {
if ($this->_isMaliciousFilename($v_header['filename'])) {
$this->_error(
'Malicious .tar detected, file "' . $v_header['filename'] .
'" will not install in desired directory tree'
@@ -1834,15 +1858,12 @@ class Archive_Tar
*
* @return bool
*/
private function _maliciousFilename($file)
private function _isMaliciousFilename($file)
{
if (strpos($file, 'phar://') === 0) {
if (strpos($file, '://') !== false) {
return true;
}
if (strpos($file, DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR) !== false) {
return true;
}
if (strpos($file, '..' . DIRECTORY_SEPARATOR) === 0) {
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
return true;
}
return false;
@@ -1875,7 +1896,7 @@ class Archive_Tar
$v_filename = rtrim(substr($v_filename, 0, $v_filesize), "\0");
$v_header['filename'] = $v_filename;
if ($this->_maliciousFilename($v_filename)) {
if ($this->_isMaliciousFilename($v_filename)) {
$this->_error(
'Malicious .tar detected, file "' . $v_filename .
'" will not install in desired directory tree'
@@ -1908,19 +1929,23 @@ class Archive_Tar
}
switch ($v_header['typeflag']) {
case 'L': {
if (!$this->_readLongHeader($v_header)) {
return null;
case 'L':
{
if (!$this->_readLongHeader($v_header)) {
return null;
}
}
} break;
break;
case 'K': {
$v_link_header = $v_header;
if (!$this->_readLongHeader($v_link_header)) {
return null;
case 'K':
{
$v_link_header = $v_header;
if (!$this->_readLongHeader($v_link_header)) {
return null;
}
$v_header['link'] = $v_link_header['filename'];
}
$v_header['link'] = $v_link_header['filename'];
} break;
break;
}
if ($v_header['filename'] == $p_filename) {
@@ -1960,6 +1985,7 @@ class Archive_Tar
* @param string $p_file_list
* @param string $p_remove_path
* @param bool $p_preserve
* @param bool $p_symlinks
* @return bool
*/
public function _extractList(
@@ -1968,8 +1994,10 @@ class Archive_Tar
$p_mode,
$p_file_list,
$p_remove_path,
$p_preserve = false
) {
$p_preserve = false,
$p_symlinks = true
)
{
$v_result = true;
$v_nb = 0;
$v_extract_all = true;
@@ -2022,19 +2050,23 @@ class Archive_Tar
}
switch ($v_header['typeflag']) {
case 'L': {
if (!$this->_readLongHeader($v_header)) {
return null;
case 'L':
{
if (!$this->_readLongHeader($v_header)) {
return null;
}
}
} break;
break;
case 'K': {
$v_link_header = $v_header;
if (!$this->_readLongHeader($v_link_header)) {
return null;
case 'K':
{
$v_link_header = $v_header;
if (!$this->_readLongHeader($v_link_header)) {
return null;
}
$v_header['link'] = $v_link_header['filename'];
}
$v_header['link'] = $v_link_header['filename'];
} break;
break;
}
// ignore extended / pax headers
@@ -2146,6 +2178,21 @@ class Archive_Tar
}
}
} elseif ($v_header['typeflag'] == "2") {
if (strpos(realpath(dirname($v_header['link'])), realpath($p_path)) !== 0) {
$this->_error(
'Out-of-path file extraction {'
. $v_header['filename'] . ' --> ' .
$v_header['link'] . '}'
);
return false;
}
if (!$p_symlinks) {
$this->_warning('Symbolic links are not allowed. '
. 'Unable to extract {'
. $v_header['filename'] . '}'
);
return false;
}
if (@file_exists($v_header['filename'])) {
@drupal_unlink($v_header['filename']);
}

17
modules/system/system.test
View File

@@ -28,7 +28,7 @@ class ModuleTestCase extends DrupalWebTestCase {
* specified base table. Defaults to TRUE.
*/
function assertTableCount($base_table, $count = TRUE) {
$tables = db_find_tables(Database::getConnection()->prefixTables('{' . $base_table . '}') . '%');
$tables = db_find_tables_d8($base_table . '%');
if ($count) {
return $this->assertTrue($tables, format_string('Tables matching "@base_table" found.', array('@base_table' => $base_table)));
@@ -779,14 +779,14 @@ class IPAddressBlockingTestCase extends DrupalWebTestCase {
$submit_ip = $_SERVER['REMOTE_ADDR'] = '192.168.1.1';
system_block_ip_action();
system_block_ip_action();
$ip_count = db_query("SELECT iid from {blocked_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->rowCount();
$ip_count = db_query("SELECT COUNT(*) from {blocked_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->fetchColumn();
$this->assertEqual('1', $ip_count);
drupal_static_reset('ip_address');
$submit_ip = $_SERVER['REMOTE_ADDR'] = ' ';
system_block_ip_action();
system_block_ip_action();
system_block_ip_action();
$ip_count = db_query("SELECT iid from {blocked_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->rowCount();
$ip_count = db_query("SELECT COUNT(*) from {blocked_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->fetchColumn();
$this->assertEqual('1', $ip_count);
}
}
@@ -2995,7 +2995,16 @@ class SystemValidTokenTest extends DrupalUnitTestCase {
// The following checks will throw PHP notices, so we disable error
// assertions.
$this->assertErrors = FALSE;
$this->assertFalse(drupal_valid_token(NULL, new stdClass()), 'Token NULL, value object returns FALSE.');
try {
$this->assertFalse(drupal_valid_token(NULL, new stdClass()), 'Token NULL, value object returns FALSE.');
}
// PHP 7.4 compatibility: the stdClass string conversion throws an exception
// which is also an acceptable outcome of this test.
catch (Error $e) {
$this->pass('Token NULL, value object throws error exception which is ok.');
}
$this->assertFalse(drupal_valid_token(0, array()), 'Token 0, value array returns FALSE.');
$this->assertFalse(drupal_valid_token('', array()), "Token '', value array returns FALSE.");
$this->assertFalse('' === drupal_get_token(array()), 'Token generation does not return an empty string on invalid parameters.');

6
modules/system/tests/cron_queue_test.info
View File

@@ -5,7 +5,7 @@ version = VERSION
core = 7.x
hidden = TRUE
; Information added by Drupal.org packaging script on 2019-05-08
version = "7.67"
; Information added by Drupal.org packaging script on 2021-04-21
version = "7.80"
project = "drupal"
datestamp = "1557336079"
datestamp = "1619021862"

6
modules/system/tests/system_cron_test.info
View File

@@ -5,7 +5,7 @@ version = VERSION
core = 7.x
hidden = TRUE
; Information added by Drupal.org packaging script on 2019-05-08
version = "7.67"
; Information added by Drupal.org packaging script on 2021-04-21
version = "7.80"
project = "drupal"
datestamp = "1557336079"
datestamp = "1619021862"