fix: hardening for opcache.enable_file_override

MichaIng · MichaIng · commit b75ce7ef3f1f · 2026-04-04T15:29:47.000+02:00
If the PHP instance has aggressive caching enabled, with `opcache.enable_file_override` and sufficiently long or disabled `opcache.validate_timestamps`, `file_exists($versionFileName)` can retrun true after the file was removed from disk. `require_once $versionFileName;` however requires the file to exist on disk, even if it has an OPcache entry.

With this commit, the cache entry is invalidated before `file_exists($versionFileName)` is called, to harden the updater for instances with `opcache.enable_file_override`.

Signed-off-by: MichaIng &lt;micha@dietpi.com&gt;
diff --git a/index.php b/index.php
@@ -82,6 +82,11 @@ public function __construct(
 		}
 
 		$versionFileName = $this->nextcloudDir . '/version.php';
+		// Invalidate version.php OPcache entry to assure file_exists() returns
+		// false after files were removed while opcache.enable_file_override is set.
+		if (function_exists('opcache_invalidate')) {
+			opcache_invalidate($versionFileName, true);
+		}
 		if (!file_exists($versionFileName)) {
 			// fallback to version in config.php
 			$version = $this->getConfigOptionString('version');
diff --git a/lib/Updater.php b/lib/Updater.php
@@ -66,6 +66,11 @@ public function __construct(
 		}
 
 		$versionFileName = $this->nextcloudDir . '/version.php';
+		// Invalidate version.php OPcache entry to assure file_exists() returns
+		// false after files were removed while opcache.enable_file_override is set.
+		if (function_exists('opcache_invalidate')) {
+			opcache_invalidate($versionFileName, true);
+		}
 		if (!file_exists($versionFileName)) {
 			// fallback to version in config.php
 			$version = $this->getConfigOptionString('version');
diff --git a/updater.phar b/updater.phar
