Fix #70752: Depacking with wrong password leaves 0 length files

We should not open the output stream before we have tried to open the
archive entry, as failing the latter could leave an empty file behind.

Author: cmb69

NEWS

@@ -17,6 +17,10 @@ PHP                                                                        NEWS
   . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
     (Keyur) (julien backport)
 
+- Zip:
+  . Fixed bug #70752 (Depacking with wrong password leaves 0 length files).
+    (cmb)
+
 15 Sep 2016, PHP 5.6.26
 
 - Core:

ext/zip/php_zip.c

@@ -279,6 +279,12 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 		return 0;
 	}
 
+	zf = zip_fopen(za, file, 0);
+	if (zf == NULL) {
+		n = -1;
+		goto done;
+	}
+
 #if PHP_API_VERSION < 20100412
 	stream = php_stream_open_wrapper(fullpath, "w+b", REPORT_ERRORS|ENFORCE_SAFE_MODE, NULL);
 #else
@@ -287,13 +293,7 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 
 	if (stream == NULL) {
 		n = -1;
-		goto done;
-	}
-
-	zf = zip_fopen(za, file, 0);
-	if (zf == NULL) {
-		n = -1;
-		php_stream_close(stream);
+		zip_fclose(zf);
 		goto done;
 	}
 

ext/zip/tests/bug70752.phpt

@@ -0,0 +1,31 @@
+--TEST--
+Bug #70752 (Depacking with wrong password leaves 0 length files)
+--SKIPIF--
+<?php
+if (!extension_loaded('zip')) die('skip zip extension not available');
+?>
+--FILE--
+<?php
+$filename = __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.zip';
+$zip = new ZipArchive();
+$zip->open($filename);
+
+$filename =  __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.txt';
+var_dump(file_exists($filename));
+
+$zip->setPassword('bar'); // correct password would be 'foo'
+$zip->extractTo(__DIR__);
+$zip->close();
+
+var_dump(file_exists($filename));
+?>
+===DONE===
+--EXPECT--
+bool(false)
+bool(false)
+===DONE===
+--CLEAN--
+<?php
+$filename =  __DIR__ . DIRECTORY_SEPARATOR . 'bug70752.txt';
+unlink($filename);
+?>