VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/libzip/zip_source_zip_new.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-18 23:13:40 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-18 23:13:40 +0100
commitcd7a01c34fc4304ef8161ee617568f274ace5d24 (patch)
tree41ed56e75a5feedc5f7d4fedb6338569d54d6076 /src/Common/libzip/zip_source_zip_new.c
parent49a8e52139b960afd3913053380190cf2d03ceda (diff)
downloadVeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.tar.gz
VeraCrypt-cd7a01c34fc4304ef8161ee617568f274ace5d24.zip
Windows: Update libzip to version 1.5.0 that include fixes for some security issues.
Diffstat (limited to 'src/Common/libzip/zip_source_zip_new.c')
-rw-r--r--src/Common/libzip/zip_source_zip_new.c99
1 files changed, 49 insertions, 50 deletions
diff --git a/src/Common/libzip/zip_source_zip_new.c b/src/Common/libzip/zip_source_zip_new.c
index 92562558..a5cfee3a 100644
--- a/src/Common/libzip/zip_source_zip_new.c
+++ b/src/Common/libzip/zip_source_zip_new.c
@@ -1,6 +1,6 @@
/*
zip_source_zip_new.c -- prepare data structures for zip_fopen/zip_source_zip
- Copyright (C) 2012-2016 Dieter Baron and Thomas Klausner
+ Copyright (C) 2012-2017 Dieter Baron and Thomas Klausner
This file is part of libzip, a library to manipulate ZIP archives.
The authors can be contacted at <libzip@nih.at>
@@ -17,7 +17,7 @@
3. The names of the authors may not be used to endorse or promote
products derived from this software without specific prior
written permission.
-
+
THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -38,13 +38,10 @@
zip_source_t *
-_zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t flags, zip_uint64_t start, zip_uint64_t len, const char *password)
-{
- zip_compression_implementation comp_impl;
- zip_encryption_implementation enc_impl;
+_zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t flags, zip_uint64_t start, zip_uint64_t len, const char *password) {
zip_source_t *src, *s2;
- zip_uint64_t offset;
struct zip_stat st;
+ bool partial_data, needs_crc, needs_decrypt, needs_decompress;
if (za == NULL)
return NULL;
@@ -54,13 +51,12 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
return NULL;
}
- if ((flags & ZIP_FL_UNCHANGED) == 0
- && (ZIP_ENTRY_DATA_CHANGED(srcza->entry+srcidx) || srcza->entry[srcidx].deleted)) {
+ if ((flags & ZIP_FL_UNCHANGED) == 0 && (ZIP_ENTRY_DATA_CHANGED(srcza->entry + srcidx) || srcza->entry[srcidx].deleted)) {
zip_error_set(&za->error, ZIP_ER_CHANGED, 0);
return NULL;
}
- if (zip_stat_index(srcza, srcidx, flags|ZIP_FL_UNCHANGED, &st) < 0) {
+ if (zip_stat_index(srcza, srcidx, flags | ZIP_FL_UNCHANGED, &st) < 0) {
zip_error_set(&za->error, ZIP_ER_INTERNAL, 0);
return NULL;
}
@@ -74,70 +70,74 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
}
/* overflow or past end of file */
- if ((start > 0 || len > 0) && (start+len < start || start+len > st.size)) {
+ if ((start > 0 || len > 0) && (start + len < start || start + len > st.size)) {
zip_error_set(&za->error, ZIP_ER_INVAL, 0);
return NULL;
}
- enc_impl = NULL;
- if (((flags & ZIP_FL_ENCRYPTED) == 0) && (st.encryption_method != ZIP_EM_NONE)) {
- if (password == NULL) {
- password = za->default_password;
- }
+ if (len == 0) {
+ len = st.size - start;
+ }
+
+ partial_data = len < st.size;
+ needs_decrypt = ((flags & ZIP_FL_ENCRYPTED) == 0) && (st.encryption_method != ZIP_EM_NONE);
+ needs_decompress = ((flags & ZIP_FL_COMPRESSED) == 0) && (st.comp_method != ZIP_CM_STORE);
+ /* when reading the whole file, check for CRC errors */
+ needs_crc = ((flags & ZIP_FL_COMPRESSED) == 0 || st.comp_method == ZIP_CM_STORE) && !partial_data;
+
+ if (needs_decrypt) {
if (password == NULL) {
- zip_error_set(&za->error, ZIP_ER_NOPASSWD, 0);
- return NULL;
+ password = za->default_password;
}
- if ((enc_impl=_zip_get_encryption_implementation(st.encryption_method, ZIP_CODEC_DECODE)) == NULL) {
- zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);
+ if (password == NULL) {
+ zip_error_set(&za->error, ZIP_ER_NOPASSWD, 0);
return NULL;
}
}
- comp_impl = NULL;
- if ((flags & ZIP_FL_COMPRESSED) == 0) {
- if (st.comp_method != ZIP_CM_STORE) {
- if ((comp_impl=_zip_get_compression_implementation(st.comp_method, ZIP_CODEC_DECODE)) == NULL) {
- zip_error_set(&za->error, ZIP_ER_COMPNOTSUPP, 0);
- return NULL;
- }
- }
- }
-
- if ((offset=_zip_file_get_offset(srcza, srcidx, &za->error)) == 0)
- return NULL;
-
if (st.comp_size == 0) {
return zip_source_buffer(za, NULL, 0, 0);
}
- if (start+len > 0 && enc_impl == NULL && comp_impl == NULL) {
+ if (partial_data && !needs_decrypt && !needs_decompress) {
struct zip_stat st2;
-
- st2.size = len ? len : st.size-start;
- st2.comp_size = st2.size;
+
+ st2.size = len;
+ st2.comp_size = len;
st2.comp_method = ZIP_CM_STORE;
st2.mtime = st.mtime;
- st2.valid = ZIP_STAT_SIZE|ZIP_STAT_COMP_SIZE|ZIP_STAT_COMP_METHOD|ZIP_STAT_MTIME;
-
- if ((src = _zip_source_window_new(srcza->src, offset+start, st2.size, &st2, &za->error)) == NULL) {
+ st2.valid = ZIP_STAT_SIZE | ZIP_STAT_COMP_SIZE | ZIP_STAT_COMP_METHOD | ZIP_STAT_MTIME;
+
+ if ((src = _zip_source_window_new(srcza->src, start, len, &st2, 0, srcza, srcidx, &za->error)) == NULL) {
return NULL;
}
}
else {
- if ((src = _zip_source_window_new(srcza->src, offset, st.comp_size, &st, &za->error)) == NULL) {
+ zip_dirent_t *de;
+
+ if ((de = _zip_get_dirent(srcza, srcidx, flags, &za->error)) == NULL) {
+ return NULL;
+ }
+ if ((src = _zip_source_window_new(srcza->src, 0, st.comp_size, &st, (de->bitflags >> 1) & 3, srcza, srcidx, &za->error)) == NULL) {
return NULL;
}
}
-
+
if (_zip_source_set_source_archive(src, srcza) < 0) {
zip_source_free(src);
return NULL;
}
/* creating a layered source calls zip_keep() on the lower layer, so we free it */
-
- if (enc_impl) {
+
+ if (needs_decrypt) {
+ zip_encryption_implementation enc_impl;
+
+ if ((enc_impl = _zip_get_encryption_implementation(st.encryption_method, ZIP_CODEC_DECODE)) == NULL) {
+ zip_error_set(&za->error, ZIP_ER_ENCRNOTSUPP, 0);
+ return NULL;
+ }
+
s2 = enc_impl(za, src, st.encryption_method, 0, password);
zip_source_free(src);
if (s2 == NULL) {
@@ -145,16 +145,15 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
}
src = s2;
}
- if (comp_impl) {
- s2 = comp_impl(za, src, st.comp_method, 0);
+ if (needs_decompress) {
+ s2 = zip_source_decompress(za, src, st.comp_method);
zip_source_free(src);
if (s2 == NULL) {
return NULL;
}
src = s2;
}
- if (((flags & ZIP_FL_COMPRESSED) == 0 || st.comp_method == ZIP_CM_STORE) && (len == 0 || len == st.comp_size)) {
- /* when reading the whole file, check for CRC errors */
+ if (needs_crc) {
s2 = zip_source_crc(za, src, 1);
zip_source_free(src);
if (s2 == NULL) {
@@ -163,8 +162,8 @@ _zip_source_zip_new(zip_t *za, zip_t *srcza, zip_uint64_t srcidx, zip_flags_t fl
src = s2;
}
- if (start+len > 0 && (comp_impl || enc_impl)) {
- s2 = zip_source_window(za, src, start, len ? len : st.size-start);
+ if (partial_data && (needs_decrypt || needs_decompress)) {
+ s2 = zip_source_window(za, src, start, len);
zip_source_free(src);
if (s2 == NULL) {
return NULL;