Windows: Update libzip to version 1.5.0 that include fixes for some security issues.

author: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2018-03-18 23:13:40 +0100
committer: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2018-03-18 23:13:40 +0100
commit: cd7a01c34fc4304ef8161ee617568f274ace5d24 (patch)
tree: 41ed56e75a5feedc5f7d4fedb6338569d54d6076 /src/Common/libzip/zip_source_zip_new.c
parent: 49a8e52139b960afd3913053380190cf2d03ceda (diff)
download: VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.tar.gz
VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.zip
1 files changed, 49 insertions, 50 deletions
diff --git a/src/Common/libzip/zip_source_zip_new.c b/src/Common/libzip/zip_source_zip_new.c
index 92562558..a5cfee3a 100644
--- a/src/Common/libzip/zip_source_zip_new.c
+++ b/src/Common/libzip/zip_source_zip_new.c
@@ -2,3 +2,3 @@
   zip_source_zip_new.c -- prepare data structures for zip_fopen/zip_source_zip
-  Copyright (C) 2012-2016 Dieter Baron and Thomas Klausner
+  Copyright (C) 2012-2017 Dieter Baron and Thomas Klausner
 
@@ -19,3 +19,3 @@
      written permission.
- 
+
   THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
@@ -40,9 +40,6 @@
 zip_source_t *
-_zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t flags, zip_uint64_t start, zip_uint64_t len, const char *password)
-{
-    zip_compression_implementation comp_impl;
-    zip_encryption_implementation enc_impl;
+_zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t flags, zip_uint64_t start, zip_uint64_t len, const char *password) {
     zip_source_t *src, *s2;
-    zip_uint64_t offset;
     struct zip_stat st;
+    bool partial_data, needs_crc, needs_decrypt, needs_decompress;
 
@@ -56,4 +53,3 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    if ((flags & ZIP_FL_UNCHANGED) == 0
-	&& (ZIP_ENTRY_DATA_CHANGED(srcza->entry+srcidx) || srcza->entry[srcidx].deleted)) {
+    if ((flags & ZIP_FL_UNCHANGED) == 0 && (ZIP_ENTRY_DATA_CHANGED(srcza->entry + srcidx) || srcza->entry[srcidx].deleted)) {
 	zip_error_set(&za->error, ZIP_ER_CHANGED, 0);
@@ -62,3 +58,3 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    if (zip_stat_index(srcza, srcidx, flags|ZIP_FL_UNCHANGED, &st) < 0) {
+    if (zip_stat_index(srcza, srcidx, flags | ZIP_FL_UNCHANGED, &st) < 0) {
 	zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);
@@ -76,3 +72,3 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     /* overflow or past end of file */
-    if ((start > 0 || len > 0) && (start+len < start || start+len > st.size)) {
+    if ((start > 0 || len > 0) && (start + len < start || start + len > st.size)) {
 	zip_error_set(&za->error, ZIP_ER_INVAL, 0);
@@ -81,13 +77,18 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    enc_impl = NULL;
-    if (((flags & ZIP_FL_ENCRYPTED) == 0) && (st.encryption_method != ZIP_EM_NONE)) {
-        if (password == NULL) {
-            password = za->default_password;
-        }
+    if (len == 0) {
+	len = st.size - start;
+    }
+
+    partial_data = len < st.size;
+    needs_decrypt = ((flags & ZIP_FL_ENCRYPTED) == 0) && (st.encryption_method != ZIP_EM_NONE);
+    needs_decompress = ((flags & ZIP_FL_COMPRESSED) == 0) && (st.comp_method != ZIP_CM_STORE);
+    /* when reading the whole file, check for CRC errors */
+    needs_crc = ((flags & ZIP_FL_COMPRESSED) == 0 || st.comp_method == ZIP_CM_STORE) && !partial_data;
+
+    if (needs_decrypt) {
 	if (password == NULL) {
-	    zip_error_set(&za->error, ZIP_ER_NOPASSWD, 0);
-	    return NULL;
+	    password = za->default_password;
 	}
-	if ((enc_impl=_zip_get_encryption_implementation(st.encryption_method, ZIP_CODEC_DECODE)) == NULL) {
-	    zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);
+	if (password == NULL) {
+	    zip_error_set(&za->error, ZIP_ER_NOPASSWD, 0);
 	    return NULL;
@@ -96,15 +97,2 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    comp_impl = NULL;
-    if ((flags & ZIP_FL_COMPRESSED) == 0) {
-	if (st.comp_method != ZIP_CM_STORE) {
-	    if ((comp_impl=_zip_get_compression_implementation(st.comp_method, ZIP_CODEC_DECODE)) == NULL) {
-		zip_error_set(&za->error, ZIP_ER_COMPNOTSUPP, 0);
-		return NULL;
-	    }
-	}
-    }
-
-    if ((offset=_zip_file_get_offset(srcza, srcidx, &za->error)) == 0)
-	return NULL;
-
     if (st.comp_size == 0) {
@@ -113,12 +101,12 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    if (start+len > 0 && enc_impl == NULL && comp_impl == NULL) {
+    if (partial_data && !needs_decrypt && !needs_decompress) {
 	struct zip_stat st2;
-	
-	st2.size = len ? len : st.size-start;
-	st2.comp_size = st2.size;
+
+	st2.size = len;
+	st2.comp_size = len;
 	st2.comp_method = ZIP_CM_STORE;
 	st2.mtime = st.mtime;
-	st2.valid = ZIP_STAT_SIZE|ZIP_STAT_COMP_SIZE|ZIP_STAT_COMP_METHOD|ZIP_STAT_MTIME;
-	
-	if ((src = _zip_source_window_new(srcza->src, offset+start, st2.size, &st2, &za->error)) == NULL) {
+	st2.valid = ZIP_STAT_SIZE | ZIP_STAT_COMP_SIZE | ZIP_STAT_COMP_METHOD | ZIP_STAT_MTIME;
+
+	if ((src = _zip_source_window_new(srcza->src, start, len, &st2, 0, srcza, srcidx, &za->error)) == NULL) {
 	    return NULL;
@@ -127,3 +115,8 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     else {
-	if ((src = _zip_source_window_new(srcza->src, offset, st.comp_size, &st, &za->error)) == NULL) {
+	zip_dirent_t *de;
+
+	if ((de = _zip_get_dirent(srcza, srcidx, flags, &za->error)) == NULL) {
+	    return NULL;
+	}
+	if ((src = _zip_source_window_new(srcza->src, 0, st.comp_size, &st, (de->bitflags >> 1) & 3, srcza, srcidx, &za->error)) == NULL) {
 	    return NULL;
@@ -131,3 +124,3 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     }
-	
+
     if (_zip_source_set_source_archive(src, srcza) < 0) {
@@ -138,4 +131,11 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     /* creating a layered source calls zip_keep() on the lower layer, so we free it */
-	
-    if (enc_impl) {
+
+    if (needs_decrypt) {
+	zip_encryption_implementation enc_impl;
+
+	if ((enc_impl = _zip_get_encryption_implementation(st.encryption_method, ZIP_CODEC_DECODE)) == NULL) {
+	    zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);
+	    return NULL;
+	}
+
 	s2 = enc_impl(za, src, st.encryption_method, 0, password);
@@ -147,4 +147,4 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     }
-    if (comp_impl) {
-	s2 = comp_impl(za, src, st.comp_method, 0);
+    if (needs_decompress) {
+	s2 = zip_source_decompress(za, src, st.comp_method);
 	zip_source_free(src);
@@ -155,4 +155,3 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
     }
-    if (((flags & ZIP_FL_COMPRESSED) == 0 || st.comp_method == ZIP_CM_STORE) && (len == 0 || len == st.comp_size)) {
-	/* when reading the whole file, check for CRC errors */
+    if (needs_crc) {
 	s2 = zip_source_crc(za, src, 1);
@@ -165,4 +164,4 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
 
-    if (start+len > 0 && (comp_impl || enc_impl)) {
-	s2 = zip_source_window(za, src, start, len ? len : st.size-start);
+    if (partial_data && (needs_decrypt || needs_decompress)) {
+	s2 = zip_source_window(za, src, start, len);
 	zip_source_free(src);
author	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2018-03-18 23:13:40 +0100
committer	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2018-03-18 23:13:40 +0100
commit	cd7a01c34fc4304ef8161ee617568f274ace5d24 (patch)
tree	41ed56e75a5feedc5f7d4fedb6338569d54d6076 /src/Common/libzip/zip_source_zip_new.c
parent	49a8e52139b960afd3913053380190cf2d03ceda (diff)
download	VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.tar.gz VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.zip