Tweaks to Input File Validation (#2217)

* Tweaks to Input File Validation

This started as a response to issue #1718, for which it is a partial (not complete) solution. The following changes are made:
- canRead can currently throw an exception. This seems wrong. It should just return true/false.
- Breaking change of sorts. When AssertFile encounters a non-existent or unreadable file, it throws InvalidArgumentException. This does not make sense. I have changed it to throw PhpSpreadsheet/Reader/Exception.
- Since the previous bullet item required changing of most of the Reader files anyhow, this is a good time to add explicit typing for canRead in the function signature rather than the DocBlock. Since all the canRead functions inherit from an abstract version in IReader, they all have to be changed simulatneously. Except for Xlsx and Ods, most of the Reader files are otherwise unchanged.
- AssertFile is changed to add an optional "zip member" parameter. It will check for the existence of an appropriate member in what is supposed to be a zip file. It is used by Xlsx and Ods.
- Verifying that a given file is a valid zip ought to be a feature of ZipArchive. Thanks to a particularly nasty bug in php/libzip (see https://bugs.php.net/bug.php?id=81222), it is unsafe to attempt to open a zero-length file as a zip archive. There is a solution, but it does not apply to all the PHP releases which we support, and isn't even necessarily supported on all the point versions of the PHP versions which we do support. I have coded up a manual test for "valid zip", with a comment pointing to the spec.
- In theory, tests now cover 100% of the code in Shared/File. In practice ... One of the tests require that chmod works properly, which is not quite true on Windows systems, so that test is skipped on Windows. Another test requires that php.ini uses a non-default value for upload_temp_dir (can't be overridden in application code), which is probably not the case when Github runs the unit tests, so that test is skipped when appropriate. I have run tests for both on systems where they are not skipped.

* Update File.php

* Scrutinizer Timeout

It's not actually timing out, it's just waiting for something to finish that finished ages ago. Making a meaningless comment change in hopes that will clear the jam. Not particularly hopeful.

Author: oleibman

phpstan-baseline.neon

@@ -3625,21 +3625,6 @@ parameters:
 			count: 1
 			path: src/PhpSpreadsheet/Shared/Escher/DgContainer/SpgrContainer.php
 
-		-
-			message: "#^Strict comparison using \\=\\=\\= between string\\|false and null will always evaluate to false\\.$#"
-			count: 1
-			path: src/PhpSpreadsheet/Shared/File.php
-
-		-
-			message: "#^Method PhpOffice\\\\PhpSpreadsheet\\\\Shared\\\\File\\:\\:realpath\\(\\) should return string but returns string\\|false\\.$#"
-			count: 1
-			path: src/PhpSpreadsheet/Shared/File.php
-
-		-
-			message: "#^Method PhpOffice\\\\PhpSpreadsheet\\\\Shared\\\\File\\:\\:sysGetTempDir\\(\\) should return string but returns string\\|false\\.$#"
-			count: 2
-			path: src/PhpSpreadsheet/Shared/File.php
-
 		-
 			message: "#^Property PhpOffice\\\\PhpSpreadsheet\\\\Shared\\\\Font\\:\\:\\$autoSizeMethods has no typehint specified\\.$#"
 			count: 1

samples/Reader/16_Handling_loader_exceptions_using_TryCatch.php

@@ -1,6 +1,7 @@
 <?php
 
 use PhpOffice\PhpSpreadsheet\IOFactory;
+use PhpOffice\PhpSpreadsheet\Reader\Exception as ReaderException;
 
 require __DIR__ . '/../Header.php';
 
@@ -9,6 +10,6 @@
 
 try {
     $spreadsheet = IOFactory::load($inputFileName);
-} catch (InvalidArgumentException $e) {
+} catch (ReaderException $e) {
     $helper->log('Error loading file "' . pathinfo($inputFileName, PATHINFO_BASENAME) . '": ' . $e->getMessage());
 }

src/PhpSpreadsheet/Reader/Csv.php

@@ -2,9 +2,9 @@
 
 namespace PhpOffice\PhpSpreadsheet\Reader;
 
-use InvalidArgumentException;
 use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
 use PhpOffice\PhpSpreadsheet\Reader\Csv\Delimiter;
+use PhpOffice\PhpSpreadsheet\Reader\Exception as ReaderException;
 use PhpOffice\PhpSpreadsheet\Shared\StringHelper;
 use PhpOffice\PhpSpreadsheet\Spreadsheet;
 
@@ -35,7 +35,7 @@ class Csv extends BaseReader
     private $inputEncoding = 'UTF-8';
 
     /**
-     * Fallback encoding if 'guess' strikes out.
+     * Fallback encoding if guess strikes out.
      *
      * @var string
      */
@@ -410,17 +410,13 @@ private static function extractStringLower($extension): string
 
     /**
      * Can the current IReader read the file?
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
         // Check if file exists
         try {
             $this->openFile($pFilename);
-        } catch (InvalidArgumentException $e) {
+        } catch (ReaderException $e) {
             return false;
         }
 

src/PhpSpreadsheet/Reader/Gnumeric.php

@@ -77,18 +77,12 @@ public function __construct()
 
     /**
      * Can the current IReader read the file?
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
-        File::assertFile($pFilename);
-
-        // Check if gzlib functions are available
         $data = '';
-        if (function_exists('gzread')) {
+        // Check if gzlib functions are available
+        if (File::testFileNoThrow($pFilename) && function_exists('gzread')) {
             // Read signature data (first 3 bytes)
             $fh = fopen($pFilename, 'rb');
             if ($fh !== false) {

src/PhpSpreadsheet/Reader/Html.php

@@ -137,12 +137,8 @@ public function __construct()
 
     /**
      * Validate that the current file is an HTML file.
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
         // Check if file exists
         try {

src/PhpSpreadsheet/Reader/IReader.php

@@ -13,12 +13,8 @@ public function __construct();
 
     /**
      * Can the current IReader read the file?
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename);
+    public function canRead(string $pFilename): bool;
 
     /**
      * Read data only?

src/PhpSpreadsheet/Reader/Ods.php

@@ -10,7 +10,6 @@
 use PhpOffice\PhpSpreadsheet\Calculation\Calculation;
 use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
 use PhpOffice\PhpSpreadsheet\Cell\DataType;
-use PhpOffice\PhpSpreadsheet\Reader\Exception as ReaderException;
 use PhpOffice\PhpSpreadsheet\Reader\Ods\AutoFilter;
 use PhpOffice\PhpSpreadsheet\Reader\Ods\DefinedNames;
 use PhpOffice\PhpSpreadsheet\Reader\Ods\PageSettings;
@@ -28,6 +27,8 @@
 
 class Ods extends BaseReader
 {
+    const INITIAL_FILE = 'content.xml';
+
     /**
      * Create a new Ods Reader instance.
      */
@@ -39,46 +40,42 @@ public function __construct()
 
     /**
      * Can the current IReader read the file?
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
-        File::assertFile($pFilename);
-
         $mimeType = 'UNKNOWN';
 
         // Load file
 
-        $zip = new ZipArchive();
-        if ($zip->open($pFilename) === true) {
-            // check if it is an OOXML archive
-            $stat = $zip->statName('mimetype');
-            if ($stat && ($stat['size'] <= 255)) {
-                $mimeType = $zip->getFromName($stat['name']);
-            } elseif ($zip->statName('META-INF/manifest.xml')) {
-                $xml = simplexml_load_string(
-                    $this->securityScanner->scan($zip->getFromName('META-INF/manifest.xml')),
-                    'SimpleXMLElement',
-                    Settings::getLibXmlLoaderOptions()
-                );
-                $namespacesContent = $xml->getNamespaces(true);
-                if (isset($namespacesContent['manifest'])) {
-                    $manifest = $xml->children($namespacesContent['manifest']);
-                    foreach ($manifest as $manifestDataSet) {
-                        $manifestAttributes = $manifestDataSet->attributes($namespacesContent['manifest']);
-                        if ($manifestAttributes->{'full-path'} == '/') {
-                            $mimeType = (string) $manifestAttributes->{'media-type'};
-
-                            break;
+        if (File::testFileNoThrow($pFilename)) {
+            $zip = new ZipArchive();
+            if ($zip->open($pFilename) === true) {
+                // check if it is an OOXML archive
+                $stat = $zip->statName('mimetype');
+                if ($stat && ($stat['size'] <= 255)) {
+                    $mimeType = $zip->getFromName($stat['name']);
+                } elseif ($zip->statName('META-INF/manifest.xml')) {
+                    $xml = simplexml_load_string(
+                        $this->securityScanner->scan($zip->getFromName('META-INF/manifest.xml')),
+                        'SimpleXMLElement',
+                        Settings::getLibXmlLoaderOptions()
+                    );
+                    $namespacesContent = $xml->getNamespaces(true);
+                    if (isset($namespacesContent['manifest'])) {
+                        $manifest = $xml->children($namespacesContent['manifest']);
+                        foreach ($manifest as $manifestDataSet) {
+                            $manifestAttributes = $manifestDataSet->attributes($namespacesContent['manifest']);
+                            if ($manifestAttributes->{'full-path'} == '/') {
+                                $mimeType = (string) $manifestAttributes->{'media-type'};
+
+                                break;
+                            }
                         }
                     }
                 }
-            }
 
-            $zip->close();
+                $zip->close();
+            }
         }
 
         return $mimeType === 'application/vnd.oasis.opendocument.spreadsheet';
@@ -93,18 +90,13 @@ public function canRead($pFilename)
      */
     public function listWorksheetNames($pFilename)
     {
-        File::assertFile($pFilename);
-
-        $zip = new ZipArchive();
-        if ($zip->open($pFilename) !== true) {
-            throw new ReaderException('Could not open ' . $pFilename . ' for reading! Error opening file.');
-        }
+        File::assertFile($pFilename, self::INITIAL_FILE);
 
         $worksheetNames = [];
 
         $xml = new XMLReader();
         $xml->xml(
-            $this->securityScanner->scanFile('zip://' . realpath($pFilename) . '#content.xml'),
+            $this->securityScanner->scanFile('zip://' . realpath($pFilename) . '#' . self::INITIAL_FILE),
             null,
             Settings::getLibXmlLoaderOptions()
         );
@@ -145,18 +137,13 @@ public function listWorksheetNames($pFilename)
      */
     public function listWorksheetInfo($pFilename)
     {
-        File::assertFile($pFilename);
+        File::assertFile($pFilename, self::INITIAL_FILE);
 
         $worksheetInfo = [];
 
-        $zip = new ZipArchive();
-        if ($zip->open($pFilename) !== true) {
-            throw new ReaderException('Could not open ' . $pFilename . ' for reading! Error opening file.');
-        }
-
         $xml = new XMLReader();
         $xml->xml(
-            $this->securityScanner->scanFile('zip://' . realpath($pFilename) . '#content.xml'),
+            $this->securityScanner->scanFile('zip://' . realpath($pFilename) . '#' . self::INITIAL_FILE),
             null,
             Settings::getLibXmlLoaderOptions()
         );
@@ -253,12 +240,10 @@ public function load(string $pFilename, int $flags = 0)
      */
     public function loadIntoExisting($pFilename, Spreadsheet $spreadsheet)
     {
-        File::assertFile($pFilename);
+        File::assertFile($pFilename, self::INITIAL_FILE);
 
         $zip = new ZipArchive();
-        if ($zip->open($pFilename) !== true) {
-            throw new Exception("Could not open {$pFilename} for reading! Error opening file.");
-        }
+        $zip->open($pFilename);
 
         // Meta
 
@@ -289,7 +274,7 @@ public function loadIntoExisting($pFilename, Spreadsheet $spreadsheet)
 
         $dom = new DOMDocument('1.01', 'UTF-8');
         $dom->loadXML(
-            $this->securityScanner->scan($zip->getFromName('content.xml')),
+            $this->securityScanner->scan($zip->getFromName(self::INITIAL_FILE)),
             Settings::getLibXmlLoaderOptions()
         );
 

src/PhpSpreadsheet/Reader/Slk.php

@@ -2,7 +2,6 @@
 
 namespace PhpOffice\PhpSpreadsheet\Reader;
 
-use InvalidArgumentException;
 use PhpOffice\PhpSpreadsheet\Calculation\Calculation;
 use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
 use PhpOffice\PhpSpreadsheet\Reader\Exception as ReaderException;
@@ -65,16 +64,12 @@ public function __construct()
 
     /**
      * Validate that the current file is a SYLK file.
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
         try {
             $this->openFile($pFilename);
-        } catch (InvalidArgumentException $e) {
+        } catch (ReaderException $e) {
             return false;
         }
 

src/PhpSpreadsheet/Reader/Xls.php

@@ -419,14 +419,12 @@ public function __construct()
 
     /**
      * Can the current IReader read the file?
-     *
-     * @param string $pFilename
-     *
-     * @return bool
      */
-    public function canRead($pFilename)
+    public function canRead(string $pFilename): bool
     {
-        File::assertFile($pFilename);
+        if (!File::testFileNoThrow($pFilename)) {
+            return false;
+        }
 
         try {
             // Use ParseXL for the hard work.