Properly handle return values of OC_App::getAppInfo()

* fixes #23668

lib/private/app.php

@@ -207,6 +207,9 @@ class OC_App {
 	 */
 	public static function setAppTypes($app) {
 		$appData = self::getAppInfo($app);
+		if(!is_array($appData)) {
+			return;
+		}
 
 		if (isset($appData['types'])) {
 			$appTypes = implode(',', $appData['types']);
@@ -783,6 +786,10 @@ class OC_App {
 			if (array_search($app, $blacklist) === false) {
 
 				$info = OC_App::getAppInfo($app);
+				if (!is_array($info)) {
+					\OCP\Util::writeLog('core', 'Could not read app info file for app "' . $app . '"', \OCP\Util::ERROR);
+					continue;
+				}
 
 				if (!isset($info['name'])) {
 					\OCP\Util::writeLog('core', 'App id "' . $app . '" has no name in appinfo', \OCP\Util::ERROR);
@@ -1081,6 +1088,14 @@ class OC_App {
 		if ($app !== false) {
 			// check if the app is compatible with this version of ownCloud
 			$info = self::getAppInfo($app);
+			if(!is_array($info)) {
+				throw new \Exception(
+					$l->t('App "%s" cannot be installed because appinfo file cannot be read.',
+						[$info['name']]
+					)
+				);
+			}
+
 			$version = \OCP\Util::getVersion();
 			if (!self::isAppCompatible($version, $info)) {
 				throw new \Exception(

lib/private/installer.php

@@ -342,6 +342,9 @@ class OC_Installer{
 		}
 
 		$info = OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true);
+		if(!is_array($info)) {
+			throw new \Exception($l->t('App cannot be installed because appinfo file cannot be read.'));
+		}
 
 		// We can't trust the parsed info.xml file as it may have been tampered
 		// with by an attacker and thus we need to use the local data to check

lib/public/app.php

@@ -112,7 +112,7 @@ class App {
 	 * Read app metadata from the info.xml file
 	 * @param string $app id of the app or the path of the info.xml file
 	 * @param boolean $path (optional)
-	 * @return array
+	 * @return array|null
 	 * @since 4.0.0
 	*/
 	public static function getAppInfo( $app, $path=false ) {