diff options
Diffstat (limited to 'src/Common/libzip/zip_dirent.c')
| -rw-r--r-- | src/Common/libzip/zip_dirent.c | 202 |
1 files changed, 135 insertions, 67 deletions
diff --git a/src/Common/libzip/zip_dirent.c b/src/Common/libzip/zip_dirent.c index 45a2a6a2..24bc6abf 100644 --- a/src/Common/libzip/zip_dirent.c +++ b/src/Common/libzip/zip_dirent.c @@ -2,3 +2,3 @@ zip_dirent.c -- read directory entry (local or central), clean dirent - Copyright (C) 1999-2021 Dieter Baron and Thomas Klausner + Copyright (C) 1999-2024 Dieter Baron and Thomas Klausner @@ -43,3 +43,3 @@ -static zip_string_t *_zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string_t *str); +static zip_string_t *_zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string_t *str, bool check_consistency); static zip_extra_field_t *_zip_ef_utf8(zip_uint16_t, zip_string_t *, zip_error_t *); @@ -52,4 +52,5 @@ _zip_cdir_free(zip_cdir_t *cd) { - if (!cd) + if (cd == NULL) { return; + } @@ -64,3 +65,3 @@ _zip_cdir_free(zip_cdir_t *cd) { zip_cdir_t * -_zip_cdir_new(zip_uint64_t nentry, zip_error_t *error) { +_zip_cdir_new(zip_error_t *error) { zip_cdir_t *cd; @@ -78,7 +79,2 @@ _zip_cdir_new(zip_uint64_t nentry, zip_error_t *error) { - if (!_zip_cdir_grow(cd, nentry, error)) { - _zip_cdir_free(cd); - return NULL; - } - return cd; @@ -128,4 +124,2 @@ _zip_cdir_write(zip_t *za, const zip_filelist_t *filelist, zip_uint64_t survivor zip_uint64_t i; - bool is_zip64; - int ret; zip_uint32_t cdir_crc; @@ -138,4 +132,2 @@ _zip_cdir_write(zip_t *za, const zip_filelist_t *filelist, zip_uint64_t survivor - is_zip64 = false; - if (ZIP_WANT_TORRENTZIP(za)) { @@ -148,6 +140,6 @@ _zip_cdir_write(zip_t *za, const zip_filelist_t *filelist, zip_uint64_t survivor - if ((ret = _zip_dirent_write(za, entry->changes ? entry->changes : entry->orig, ZIP_FL_CENTRAL)) < 0) + if (_zip_dirent_write(za, entry->changes ? entry->changes : entry->orig, ZIP_FL_CENTRAL) < 0) { + za->write_crc = NULL; return -1; - if (ret) - is_zip64 = true; + } } @@ -162,6 +154,2 @@ _zip_cdir_write(zip_t *za, const zip_filelist_t *filelist, zip_uint64_t survivor - if (offset > ZIP_UINT32_MAX || survivors > ZIP_UINT16_MAX) { - is_zip64 = true; - } - if ((buffer = _zip_buffer_new(buf, sizeof(buf))) == NULL) { @@ -171,3 +159,3 @@ _zip_cdir_write(zip_t *za, const zip_filelist_t *filelist, zip_uint64_t survivor - if (is_zip64) { + if (survivors > ZIP_UINT16_MAX || offset > ZIP_UINT32_MAX || size > ZIP_UINT32_MAX) { _zip_buffer_put(buffer, EOCD64_MAGIC, 4); @@ -296,2 +284,3 @@ _zip_dirent_init(zip_dirent_t *de) { de->crc_valid = true; + de->last_mod_mtime_valid = false; de->version_madeby = 63 | (ZIP_OPSYS_DEFAULT << 8); @@ -300,3 +289,4 @@ _zip_dirent_init(zip_dirent_t *de) { de->comp_method = ZIP_CM_DEFAULT; - de->last_mod = 0; + de->last_mod.date = 0; + de->last_mod.time = 0; de->crc = 0; @@ -338,3 +328,3 @@ _zip_dirent_new(void) { -/* _zip_dirent_read(zde, fp, bufp, left, localp, error): +/* Fills the zip directory entry zde. @@ -349,7 +339,8 @@ _zip_dirent_new(void) { zip_int64_t -_zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, bool local, zip_error_t *error) { +_zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, bool local, zip_uint64_t central_compressed_size, bool check_consistency, zip_error_t *error) { zip_uint8_t buf[CDENTRYSIZE]; - zip_uint16_t dostime, dosdate; zip_uint32_t size, variable_size; zip_uint16_t filename_len, comment_len, ef_len; + zip_string_t *utf8_string; + bool is_zip64 = false; @@ -391,5 +382,4 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo /* convert to time_t */ - dostime = _zip_buffer_get_16(buffer); - dosdate = _zip_buffer_get_16(buffer); - zde->last_mod = _zip_d2u_time(dostime, dosdate); + zde->last_mod.time = _zip_buffer_get_16(buffer); + zde->last_mod.date = _zip_buffer_get_16(buffer); @@ -460,3 +450,3 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo zde->filename = _zip_read_string(buffer, src, filename_len, 1, error); - if (!zde->filename) { + if (zde->filename == NULL) { if (zip_error_code_zip(error) == ZIP_ER_EOF) { @@ -504,3 +494,3 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo zde->comment = _zip_read_string(buffer, src, comment_len, 0, error); - if (!zde->comment) { + if (zde->comment == NULL) { if (!from_buffer) { @@ -521,4 +511,20 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo - zde->filename = _zip_dirent_process_ef_utf_8(zde, ZIP_EF_UTF_8_NAME, zde->filename); - zde->comment = _zip_dirent_process_ef_utf_8(zde, ZIP_EF_UTF_8_COMMENT, zde->comment); + if ((utf8_string = _zip_dirent_process_ef_utf_8(zde, ZIP_EF_UTF_8_NAME, zde->filename, check_consistency)) == NULL && zde->filename != NULL) { + zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_UTF8_FILENAME_MISMATCH); + if (!from_buffer) { + _zip_buffer_free(buffer); + } + return -1; + } + zde->filename = utf8_string; + if (!local) { + if ((utf8_string = _zip_dirent_process_ef_utf_8(zde, ZIP_EF_UTF_8_COMMENT, zde->comment, check_consistency)) == NULL && zde->comment != NULL) { + zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_UTF8_COMMENT_MISMATCH); + if (!from_buffer) { + _zip_buffer_free(buffer); + } + return -1; + } + zde->comment = utf8_string; + } @@ -537,2 +543,3 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo } + is_zip64 = true; } @@ -547,2 +554,3 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo } + if (!from_buffer) { @@ -551,2 +559,31 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo + if (local && zde->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) { + zip_uint32_t df_crc; + zip_uint64_t df_comp_size, df_uncomp_size; + if (zip_source_seek(src, central_compressed_size, SEEK_CUR) != 0 || (buffer = _zip_buffer_new_from_source(src, MAX_DATA_DESCRIPTOR_LENGTH, buf, error)) == NULL) { + return -1; + } + if (memcmp(_zip_buffer_peek(buffer, MAGIC_LEN), DATADES_MAGIC, MAGIC_LEN) == 0) { + _zip_buffer_skip(buffer, MAGIC_LEN); + } + df_crc = _zip_buffer_get_32(buffer); + df_comp_size = is_zip64 ? _zip_buffer_get_64(buffer) : _zip_buffer_get_32(buffer); + df_uncomp_size = is_zip64 ? _zip_buffer_get_64(buffer) : _zip_buffer_get_32(buffer); + + if (!_zip_buffer_ok(buffer)) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); + _zip_buffer_free(buffer); + return -1; + } + _zip_buffer_free(buffer); + + if ((zde->crc != 0 && zde->crc != df_crc) || (zde->comp_size != 0 && zde->comp_size != df_comp_size) || (zde->uncomp_size != 0 && zde->uncomp_size != df_uncomp_size)) { + zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_DATA_DESCRIPTOR_MISMATCH); + return -1; + } + zde->crc = df_crc; + zde->comp_size = df_comp_size; + zde->uncomp_size = df_uncomp_size; + } + /* zip_source_seek / zip_source_tell don't support values > ZIP_INT64_MAX */ @@ -566,3 +603,4 @@ _zip_dirent_read(zip_dirent_t *zde, zip_source_t *src, zip_buffer_t *buffer, boo -bool zip_dirent_process_ef_zip64(zip_dirent_t* zde, const zip_uint8_t* ef, zip_uint64_t got_len, bool local, zip_error_t* error) { +bool +zip_dirent_process_ef_zip64(zip_dirent_t *zde, const zip_uint8_t *ef, zip_uint64_t got_len, bool local, zip_error_t *error) { zip_buffer_t *ef_buffer; @@ -627,3 +665,3 @@ bool zip_dirent_process_ef_zip64(zip_dirent_t* zde, const zip_uint8_t* ef, zip_u static zip_string_t * -_zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string_t *str) { +_zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string_t *str, bool check_consistency) { zip_uint16_t ef_len; @@ -650,2 +688,10 @@ _zip_dirent_process_ef_utf_8(const zip_dirent_t *de, zip_uint16_t id, zip_string if (ef_str != NULL) { + if (check_consistency) { + if (!_zip_string_equal(str, ef_str) && _zip_string_is_ascii(ef_str)) { + _zip_string_free(ef_str); + _zip_buffer_free(buffer); + return NULL; + } + } + _zip_string_free(str); @@ -690,14 +736,14 @@ _zip_dirent_process_winzip_aes(zip_dirent_t *de, zip_error_t *error) { switch (_zip_buffer_get_16(buffer)) { - case 1: - break; + case 1: + break; - case 2: - crc_valid = false; - /* TODO: When checking consistency, check that crc is 0. */ - break; - - default: - zip_error_set(error, ZIP_ER_ENCRNOTSUPP, 0); - _zip_buffer_free(buffer); - return false; + case 2: + crc_valid = false; + /* TODO: When checking consistency, check that crc is 0. */ + break; + + default: + zip_error_set(error, ZIP_ER_ENCRNOTSUPP, 0); + _zip_buffer_free(buffer); + return false; } @@ -789,3 +835,3 @@ int _zip_dirent_write(zip_t *za, zip_dirent_t *de, zip_flags_t flags) { - zip_uint16_t dostime, dosdate; + zip_dostime_t dostime; zip_encoding_type_t com_enc, name_enc; @@ -928,10 +974,10 @@ _zip_dirent_write(zip_t *za, zip_dirent_t *de, zip_flags_t flags) { if (ZIP_WANT_TORRENTZIP(za)) { - dostime = 0xbc00; - dosdate = 0x2198; + dostime.time = 0xbc00; + dostime.date = 0x2198; } else { - _zip_u2d_time(de->last_mod, &dostime, &dosdate); + dostime = de->last_mod; } - _zip_buffer_put_16(buffer, dostime); - _zip_buffer_put_16(buffer, dosdate); + _zip_buffer_put_16(buffer, dostime.time); + _zip_buffer_put_16(buffer, dostime.date); @@ -1036,3 +1082,3 @@ _zip_dirent_write(zip_t *za, zip_dirent_t *de, zip_flags_t flags) { time_t -_zip_d2u_time(zip_uint16_t dtime, zip_uint16_t ddate) { +_zip_d2u_time(const zip_dostime_t *dtime) { struct tm tm; @@ -1044,9 +1090,9 @@ _zip_d2u_time(zip_uint16_t dtime, zip_uint16_t ddate) { - tm.tm_year = ((ddate >> 9) & 127) + 1980 - 1900; - tm.tm_mon = ((ddate >> 5) & 15) - 1; - tm.tm_mday = ddate & 31; + tm.tm_year = ((dtime->date >> 9) & 127) + 1980 - 1900; + tm.tm_mon = ((dtime->date >> 5) & 15) - 1; + tm.tm_mday = dtime->date & 31; - tm.tm_hour = (dtime >> 11) & 31; - tm.tm_min = (dtime >> 5) & 63; - tm.tm_sec = (dtime << 1) & 62; + tm.tm_hour = (dtime->time >> 11) & 31; + tm.tm_min = (dtime->time >> 5) & 63; + tm.tm_sec = (dtime->time << 1) & 62; @@ -1121,4 +1167,4 @@ _zip_get_dirent(zip_t *za, zip_uint64_t idx, zip_flags_t flags, zip_error_t *err -void -_zip_u2d_time(time_t intime, zip_uint16_t *dtime, zip_uint16_t *ddate) { +int +_zip_u2d_time(time_t intime, zip_dostime_t *dtime, zip_error_t *ze) { struct tm *tpm; @@ -1128,5 +1174,8 @@ _zip_u2d_time(time_t intime, zip_uint16_t *dtime, zip_uint16_t *ddate) { /* if localtime fails, return an arbitrary date (1980-01-01 00:00:00) */ - *ddate = (1 << 5) + 1; - *dtime = 0; - return; + dtime->date = (1 << 5) + 1; + dtime->time = 0; + if (ze) { + zip_error_set(ze, ZIP_ER_INVAL, errno); + } + return -1; } @@ -1136,4 +1185,6 @@ _zip_u2d_time(time_t intime, zip_uint16_t *dtime, zip_uint16_t *ddate) { - *ddate = (zip_uint16_t)(((tpm->tm_year + 1900 - 1980) << 9) + ((tpm->tm_mon + 1) << 5) + tpm->tm_mday); - *dtime = (zip_uint16_t)(((tpm->tm_hour) << 11) + ((tpm->tm_min) << 5) + ((tpm->tm_sec) >> 1)); + dtime->date = (zip_uint16_t)(((tpm->tm_year + 1900 - 1980) << 9) + ((tpm->tm_mon + 1) << 5) + tpm->tm_mday); + dtime->time = (zip_uint16_t)(((tpm->tm_hour) << 11) + ((tpm->tm_min) << 5) + ((tpm->tm_sec) >> 1)); + + return 0; } @@ -1194,6 +1245,7 @@ _zip_dirent_apply_attributes(zip_dirent_t *de, zip_file_attributes_t *attributes -void zip_dirent_torrentzip_normalize(zip_dirent_t *de) { +void +zip_dirent_torrentzip_normalize(zip_dirent_t *de) { de->version_madeby = 0; de->version_needed = 20; /* 2.0 */ - de->bitflags = 2; /* maximum compression */ + de->bitflags = 2; /* maximum compression */ de->comp_method = ZIP_CM_DEFLATE; @@ -1205,3 +1257,19 @@ void zip_dirent_torrentzip_normalize(zip_dirent_t *de) { /* last_mod, extra_fields, and comment are normalized in zip_dirent_write() directly */ +} +int +zip_dirent_check_consistency(zip_dirent_t *dirent) { + if (dirent->comp_method == ZIP_CM_STORE && dirent->comp_size != dirent->uncomp_size) { + return ZIP_ER_DETAIL_STORED_SIZE_MISMATCH; + } + return 0; } + +time_t zip_dirent_get_last_mod_mtime(zip_dirent_t *de) { + if (!de->last_mod_mtime_valid) { + de->last_mod_mtime = _zip_d2u_time(&de->last_mod); + de->last_mod_mtime_valid = true; + } + + return de->last_mod_mtime; +}
\ No newline at end of file |