Properly handle return values of OC_App::getAppInfo()

* fixes #23668
This commit is contained in:
Morris Jobke 2016-03-30 23:29:26 +02:00
parent 193a33a8ad
commit 43579e784f
3 changed files with 19 additions and 1 deletions

View File

@ -207,6 +207,9 @@ class OC_App {
*/
public static function setAppTypes($app) {
$appData = self::getAppInfo($app);
if(!is_array($appData)) {
return;
}
if (isset($appData['types'])) {
$appTypes = implode(',', $appData['types']);
@ -788,6 +791,10 @@ class OC_App {
if (array_search($app, $blacklist) === false) {
$info = OC_App::getAppInfo($app);
if (!is_array($info)) {
\OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', \OCP\Util::ERROR);
continue;
}
if (!isset($info['name'])) {
\OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', \OCP\Util::ERROR);
@ -1086,6 +1093,14 @@ class OC_App {
if ($app !== false) {
// check if the app is compatible with this version of ownCloud
$info = self::getAppInfo($app);
if(!is_array($info)) {
throw new \Exception(
$l->t('App "%s" cannot be installed because appinfo file cannot be read.',
[$info['name']]
)
);
}
$version = \OCP\Util::getVersion();
if (!self::isAppCompatible($version, $info)) {
throw new \Exception(

View File

@ -342,6 +342,9 @@ class OC_Installer{
}
$info = OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true);
if(!is_array($info)) {
throw new \Exception($l->t('App cannot be installed because appinfo file cannot be read.'));
}
// We can't trust the parsed info.xml file as it may have been tampered
// with by an attacker and thus we need to use the local data to check

View File

@ -112,7 +112,7 @@ class App {
* Read app metadata from the info.xml file
* @param string $app id of the app or the path of the info.xml file
* @param boolean $path (optional)
* @return array
* @return array|null
* @since 4.0.0
*/
public static function getAppInfo( $app, $path=false ) {