File php5-CVE-2020-7063.patch of Package php5.16119

Index: php-5.5.14/ext/phar/phar_object.c
===================================================================
--- php-5.5.14.orig/ext/phar/phar_object.c	2020-03-02 15:59:06.996192845 +0100
+++ php-5.5.14/ext/phar/phar_object.c	2020-03-02 15:59:30.092323654 +0100
@@ -1426,6 +1426,7 @@ static int phar_build(zend_object_iterat
 	zend_class_entry *ce = p_obj->c;
 	phar_archive_object *phar_obj = p_obj->p;
 	char *str = "[stream]";
+	php_stream_statbuf ssb;
 
 	iter->funcs->get_current_data(iter, &value TSRMLS_CC);
 
@@ -1708,6 +1709,9 @@ after_open_fp:
 		phar_stream_copy_to_stream(fp, p_obj->fp, PHP_STREAM_COPY_ALL, &contents_len);
 		data->internal_file->uncompressed_filesize = data->internal_file->compressed_filesize =
 			php_stream_tell(p_obj->fp) - data->internal_file->offset;
+		if (php_stream_stat(fp, &ssb) != -1) {
+			data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ;
+		}
 	}
 
 	if (close_fp) {
@@ -3619,7 +3623,8 @@ static void phar_add_file(phar_archive_d
 	char *error;
 	size_t contents_len;
 	phar_entry_data *data;
-	php_stream *contents_file;
+	php_stream *contents_file = NULL;
+	php_stream_statbuf ssb;
 
 	if (filename_len >= sizeof(".phar")-1 && !memcmp(filename, ".phar", sizeof(".phar")-1)) {
 		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Cannot create any files in magic \".phar\" directory", (*pphar)->fname);
@@ -3654,6 +3659,10 @@ static void phar_add_file(phar_archive_d
 				phar_stream_copy_to_stream(contents_file, data->fp, PHP_STREAM_COPY_ALL, &contents_len);
 			}
 
+			if (contents_file != NULL && php_stream_stat(contents_file, &ssb TSRMLS_CC) != -1) {
+				data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ;
+			}
+
 			data->internal_file->compressed_filesize = data->internal_file->uncompressed_filesize = contents_len;
 		}