VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/libzip/zip_open.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/Common/libzip/zip_open.c')
-rw-r--r--src/Common/libzip/zip_open.c491
1 files changed, 273 insertions, 218 deletions
diff --git a/src/Common/libzip/zip_open.c b/src/Common/libzip/zip_open.c
index ee7e9dec..9dccad61 100644
--- a/src/Common/libzip/zip_open.c
+++ b/src/Common/libzip/zip_open.c
@@ -1,6 +1,6 @@
/*
zip_open.c -- open zip archive by name
- Copyright (C) 1999-2022 Dieter Baron and Thomas Klausner
+ Copyright (C) 1999-2024 Dieter Baron and Thomas Klausner
This file is part of libzip, a library to manipulate ZIP archives.
The authors can be contacted at <info@libzip.org>
@@ -31,7 +31,6 @@
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
@@ -39,17 +38,30 @@
#include "zipint.h"
-typedef enum { EXISTS_ERROR = -1, EXISTS_NOT = 0, EXISTS_OK } exists_t;
+typedef enum {
+ EXISTS_ERROR = -1,
+ EXISTS_NOT = 0,
+ EXISTS_OK
+} exists_t;
+typedef enum {
+ CDIR_OK,
+ CDIR_INVALID,
+ CDIR_NOT_FOUND
+
+} cdir_status_t;
+
+static bool check_eocd(zip_cdir_t *cd, unsigned int flags, zip_error_t *error);
+static bool check_magic(zip_uint64_t offset, zip_buffer_t *buffer, zip_uint64_t buffer_offset, zip_source_t *src, const char* magic);
static zip_t *_zip_allocate_new(zip_source_t *src, unsigned int flags, zip_error_t *error);
static zip_int64_t _zip_checkcons(zip_t *za, zip_cdir_t *cdir, zip_error_t *error);
static void zip_check_torrentzip(zip_t *za, const zip_cdir_t *cdir);
static zip_cdir_t *_zip_find_central_dir(zip_t *za, zip_uint64_t len);
static exists_t _zip_file_exists(zip_source_t *src, zip_error_t *error);
static int _zip_headercomp(const zip_dirent_t *, const zip_dirent_t *);
-static const unsigned char *_zip_memmem(const unsigned char *, size_t, const unsigned char *, size_t);
-static zip_cdir_t *_zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_error_t *error);
-static zip_cdir_t *_zip_read_eocd(zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error);
-static zip_cdir_t *_zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error);
+static bool _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_cdir_t **cdirp, zip_error_t *error);
+static zip_cdir_t *_zip_read_eocd(zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_error_t *error);
+static cdir_status_t _zip_read_eocd64(zip_cdir_t *cdir, zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error);
+static const unsigned char *find_eocd(zip_buffer_t *buffer, const unsigned char *last);
ZIP_EXTERN zip_t *
@@ -144,6 +156,27 @@ zip_open_from_source(zip_source_t *src, int _flags, zip_error_t *error) {
}
+static bool
+_is_truncated_zip(zip_source_t *src) {
+ unsigned char data[4];
+ /* check if the source is a truncated zip archive: true if yes, no
+ if not or can't be determined */
+ if (zip_source_seek(src, 0, SEEK_SET) < 0) {
+ return false;
+ }
+
+ if (zip_source_read(src, data, 4) != 4) {
+ return false;
+ }
+
+ if (memcmp(data, LOCAL_MAGIC, 4) == 0) {
+ /* file starts with a ZIP local header signature */
+ return true;
+ }
+ return false;
+}
+
+
zip_t *
_zip_open(zip_source_t *src, unsigned int flags, zip_error_t *error) {
zip_t *za;
@@ -174,6 +207,12 @@ _zip_open(zip_source_t *src, unsigned int flags, zip_error_t *error) {
if ((cdir = _zip_find_central_dir(za, len)) == NULL) {
_zip_error_copy(error, &za->error);
+ if (zip_error_code_zip(error) == ZIP_ER_NOZIP) {
+ /* not a zip - find out if it's truncated */
+ if (_is_truncated_zip(src)) {
+ zip_error_set(error, ZIP_ER_TRUNCATED_ZIP, 0);
+ }
+ }
/* keep src so discard does not get rid of it */
zip_source_keep(src);
zip_discard(za);
@@ -228,14 +267,14 @@ void
_zip_set_open_error(int *zep, const zip_error_t *err, int ze) {
if (err) {
ze = zip_error_code_zip(err);
- switch (zip_error_system_type(err)) {
- case ZIP_ET_SYS:
- case ZIP_ET_LIBZIP:
- errno = zip_error_code_system(err);
- break;
-
- default:
- break;
+ switch (zip_error_system_type(err)) {
+ case ZIP_ET_SYS:
+ case ZIP_ET_LIBZIP:
+ errno = zip_error_code_system(err);
+ break;
+
+ default:
+ break;
}
}
@@ -250,37 +289,67 @@ _zip_set_open_error(int *zep, const zip_error_t *err, int ze) {
Returns a struct zip_cdir which contains the central directory
entries, or NULL if unsuccessful. */
-static zip_cdir_t *
-_zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_error_t *error) {
+static bool _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_cdir_t **cdirp, zip_error_t *error) {
zip_cdir_t *cd;
zip_uint16_t comment_len;
zip_uint64_t i, left;
zip_uint64_t eocd_offset = _zip_buffer_offset(buffer);
zip_buffer_t *cd_buffer;
+ bool eocd64_found = false;
- if (_zip_buffer_left(buffer) < EOCDLEN) {
- /* not enough bytes left for comment */
- zip_error_set(error, ZIP_ER_NOZIP, 0);
- return NULL;
- }
+ *cdirp = NULL;
- /* check for end-of-central-dir magic */
- if (memcmp(_zip_buffer_get(buffer, 4), EOCD_MAGIC, 4) != 0) {
- zip_error_set(error, ZIP_ER_NOZIP, 0);
- return NULL;
+ if ((cd = _zip_read_eocd(buffer, buf_offset, error)) == NULL) {
+ return false;
}
if (eocd_offset >= EOCD64LOCLEN && memcmp(_zip_buffer_data(buffer) + eocd_offset - EOCD64LOCLEN, EOCD64LOC_MAGIC, 4) == 0) {
+ eocd64_found = true;
_zip_buffer_set_offset(buffer, eocd_offset - EOCD64LOCLEN);
- cd = _zip_read_eocd64(za->src, buffer, buf_offset, za->flags, error);
+ switch (_zip_read_eocd64(cd, za->src, buffer, buf_offset, za->flags, error)) {
+ case CDIR_OK:
+ break;
+
+ case CDIR_INVALID:
+ _zip_cdir_free(cd);
+ return true;
+
+ case CDIR_NOT_FOUND:
+ _zip_cdir_free(cd);
+ return false;
+ }
}
- else {
- _zip_buffer_set_offset(buffer, eocd_offset);
- cd = _zip_read_eocd(buffer, buf_offset, za->flags, error);
+
+ if ((cd->eocd_disk != 0 || cd->this_disk != 0) && !eocd64_found && cd->eocd_disk != cd->this_disk) {
+ /* If the central directory doesn't start on this disk, we can't check that offset is valid. Check as much as we can instead. */
+ if (cd->this_disk < cd->eocd_disk) {
+ /* Disks before the start of the central directory don't contain an EOCD. */
+ _zip_cdir_free(cd);
+ return false;
+ }
+ if (cd->size <= cd->eocd_offset) {
+ /* The complete central directory would fit on this disk. */
+ _zip_cdir_free(cd);
+ return false;
+ }
}
- if (cd == NULL)
- return NULL;
+ if (!eocd64_found) {
+ if (cd->this_disk == 0 && cd->eocd_disk == 0 && cd->eocd_offset == 0 && cd->offset == 0 && cd->num_entries == 0) {
+ /* An empty archive doesn't contain central directory entries. */
+ }
+ else if (!check_magic(cd->offset, buffer, buf_offset, za->src, CENTRAL_MAGIC)) {
+ _zip_cdir_free(cd);
+ return false;
+ }
+ }
+
+ /* We accept this EOCD as valid and won't search for an earlier one if it is unusable. */
+
+ if (!check_eocd(cd, za->flags, error)) {
+ _zip_cdir_free(cd);
+ return true;
+ }
_zip_buffer_set_offset(buffer, eocd_offset + 20);
comment_len = _zip_buffer_get_16(buffer);
@@ -289,7 +358,7 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
/* cdir spans past EOCD record */
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_OVERLAPS_EOCD);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
if (comment_len || (za->open_flags & ZIP_CHECKCONS)) {
@@ -298,16 +367,21 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
_zip_buffer_set_offset(buffer, eocd_offset + EOCDLEN);
tail_len = _zip_buffer_left(buffer);
- if (tail_len < comment_len || ((za->open_flags & ZIP_CHECKCONS) && tail_len != comment_len)) {
- zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_COMMENT_LENGTH_INVALID);
- _zip_cdir_free(cd);
- return NULL;
+ if (tail_len != comment_len) {
+ if (za->open_flags & ZIP_CHECKCONS) {
+ zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_COMMENT_LENGTH_INVALID);
+ _zip_cdir_free(cd);
+ return true;
+ }
+ if (tail_len < comment_len) {
+ comment_len = tail_len;
+ }
}
if (comment_len) {
if ((cd->comment = _zip_string_new(_zip_buffer_get(buffer, comment_len), comment_len, ZIP_FL_ENC_GUESS, error)) == NULL) {
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
}
}
@@ -320,12 +394,12 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
if ((data = _zip_buffer_get(buffer, cd->size)) == NULL) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_LENGTH_INVALID);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
if ((cd_buffer = _zip_buffer_new(data, cd->size)) == NULL) {
zip_error_set(error, ZIP_ER_MEMORY, 0);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
}
else {
@@ -334,17 +408,22 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
if (zip_source_seek(za->src, (zip_int64_t)cd->offset, SEEK_SET) < 0) {
zip_error_set_from_source(error, za->src);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
/* possible consistency check: cd->offset = len-(cd->size+cd->comment_len+EOCDLEN) ? */
if (zip_source_tell(za->src) != (zip_int64_t)cd->offset) {
zip_error_set(error, ZIP_ER_NOZIP, 0);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
}
+ if (!_zip_cdir_grow(cd, cd->num_entries, error)) {
+ _zip_cdir_free(cd);
+ _zip_buffer_free(cd_buffer);
+ return true;
+ }
left = (zip_uint64_t)cd->size;
i = 0;
while (left > 0) {
@@ -362,31 +441,32 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
if (!_zip_cdir_grow(cd, 0x10000, error)) {
_zip_cdir_free(cd);
_zip_buffer_free(cd_buffer);
- return NULL;
+ return true;
}
grown = true;
}
- if ((cd->entry[i].orig = _zip_dirent_new()) == NULL || (entry_size = _zip_dirent_read(cd->entry[i].orig, za->src, cd_buffer, false, error)) < 0) {
- if (zip_error_code_zip(error) == ZIP_ER_INCONS) {
- zip_error_set(error, ZIP_ER_INCONS, ADD_INDEX_TO_DETAIL(zip_error_code_system(error), i));
- }
- else if (grown && zip_error_code_zip(error) == ZIP_ER_NOZIP) {
+ if ((cd->entry[i].orig = _zip_dirent_new()) == NULL || (entry_size = _zip_dirent_read(cd->entry[i].orig, za->src, cd_buffer, false, 0, za->open_flags & ZIP_CHECKCONS, error)) < 0) {
+ if (zip_error_code_zip(error) == ZIP_ER_INCONS) {
+ zip_error_set(error, ZIP_ER_INCONS, ADD_INDEX_TO_DETAIL(zip_error_code_system(error), i));
+ }
+ else if (grown && zip_error_code_zip(error) == ZIP_ER_NOZIP) {
zip_error_set(error, ZIP_ER_INCONS, MAKE_DETAIL_WITH_INDEX(ZIP_ER_DETAIL_CDIR_ENTRY_INVALID, i));
}
_zip_cdir_free(cd);
_zip_buffer_free(cd_buffer);
- return NULL;
+ return true;
}
i++;
left -= (zip_uint64_t)entry_size;
}
+ /* If we didn't fill all we grew, cd->num_entries was wrong. */
if (i != cd->nentry || left > 0) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_WRONG_ENTRIES_COUNT);
_zip_buffer_free(cd_buffer);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
if (za->open_flags & ZIP_CHECKCONS) {
@@ -401,7 +481,7 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
if (offset < 0) {
zip_error_set_from_source(error, za->src);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
ok = ((zip_uint64_t)offset == cd->offset + cd->size);
}
@@ -410,12 +490,32 @@ _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_err
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_LENGTH_INVALID);
_zip_buffer_free(cd_buffer);
_zip_cdir_free(cd);
- return NULL;
+ return true;
}
}
_zip_buffer_free(cd_buffer);
- return cd;
+ *cdirp = cd;
+ return true;
+}
+
+
+static bool check_magic(zip_uint64_t offset, zip_buffer_t *buffer, zip_uint64_t buffer_offset, zip_source_t *src, const char* magic) {
+ if (buffer_offset <= offset) {
+ zip_uint8_t* data;
+ if (_zip_buffer_set_offset(buffer, offset - buffer_offset) < 0 || (data = _zip_buffer_get(buffer, MAGIC_LEN)) == NULL) {
+ return false;
+ }
+ return memcmp(data, magic, MAGIC_LEN) == 0;
+ }
+ else {
+ zip_uint8_t data[MAGIC_LEN];
+
+ if (zip_source_seek(src, offset, SEEK_SET) < 0 || zip_source_read(src, data, MAGIC_LEN) != MAGIC_LEN) {
+ return false;
+ }
+ return memcmp(data, magic, MAGIC_LEN) == 0;
+ }
}
@@ -430,6 +530,7 @@ _zip_checkcons(zip_t *za, zip_cdir_t *cd, zip_error_t *error) {
zip_uint64_t i;
zip_uint64_t min, max, j;
struct zip_dirent temp;
+ int detail;
_zip_dirent_init(&temp);
if (cd->nentry) {
@@ -460,10 +561,10 @@ _zip_checkcons(zip_t *za, zip_cdir_t *cd, zip_error_t *error) {
return -1;
}
- if (_zip_dirent_read(&temp, za->src, NULL, true, error) == -1) {
- if (zip_error_code_zip(error) == ZIP_ER_INCONS) {
- zip_error_set(error, ZIP_ER_INCONS, ADD_INDEX_TO_DETAIL(zip_error_code_system(error), i));
- }
+ if (_zip_dirent_read(&temp, za->src, NULL, true, cd->entry[i].orig->comp_size, true, error) == -1) {
+ if (zip_error_code_zip(error) == ZIP_ER_INCONS) {
+ zip_error_set(error, ZIP_ER_INCONS, ADD_INDEX_TO_DETAIL(zip_error_code_system(error), i));
+ }
_zip_dirent_finalize(&temp);
return -1;
}
@@ -479,6 +580,11 @@ _zip_checkcons(zip_t *za, zip_cdir_t *cd, zip_error_t *error) {
temp.extra_fields = NULL;
_zip_dirent_finalize(&temp);
+
+ if ((detail = zip_dirent_check_consistency(cd->entry[i].orig)) != 0) {
+ zip_error_set(error, ZIP_ER_INCONS, MAKE_DETAIL_WITH_INDEX(detail, i));
+ return -1;
+ }
}
return (max - min) < ZIP_INT64_MAX ? (zip_int64_t)(max - min) : ZIP_INT64_MAX;
@@ -497,25 +603,23 @@ _zip_headercomp(const zip_dirent_t *central, const zip_dirent_t *local) {
and global headers for the bitflags */
|| (central->bitflags != local->bitflags)
#endif
- || (central->comp_method != local->comp_method) || (central->last_mod != local->last_mod) || !_zip_string_equal(central->filename, local->filename))
+ || (central->comp_method != local->comp_method) || (central->last_mod.time != local->last_mod.time) || (central->last_mod.date != local->last_mod.date) || !_zip_string_equal(central->filename, local->filename))
return -1;
if ((central->crc != local->crc) || (central->comp_size != local->comp_size) || (central->uncomp_size != local->uncomp_size)) {
/* InfoZip stores valid values in local header even when data descriptor is used.
This is in violation of the appnote.
- macOS Archive sets the compressed size even when data descriptor is used ( but not the others),
- also in violation of the appnote.
- */
- /* if data descriptor is not used, the values must match */
+ macOS Archive sets the compressed size even when data descriptor is used ( but not the others),
+ also in violation of the appnote.
+ */
+ /* if data descriptor is not used, the values must match */
if ((local->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) == 0) {
return -1;
- }
- /* when using a data descriptor, the local header value must be zero or match */
- if ((local->crc != 0 && central->crc != local->crc) ||
- (local->comp_size != 0 && central->comp_size != local->comp_size) ||
- (local->uncomp_size != 0 && central->uncomp_size != local->uncomp_size)) {
- return -1;
- }
+ }
+ /* when using a data descriptor, the local header value must be zero or match */
+ if ((local->crc != 0 && central->crc != local->crc) || (local->comp_size != 0 && central->comp_size != local->comp_size) || (local->uncomp_size != 0 && central->uncomp_size != local->uncomp_size)) {
+ return -1;
+ }
}
return 0;
@@ -568,12 +672,10 @@ _zip_file_exists(zip_source_t *src, zip_error_t *error) {
static zip_cdir_t *
_zip_find_central_dir(zip_t *za, zip_uint64_t len) {
- zip_cdir_t *cdir, *cdirnew;
+ zip_cdir_t *cdir;
const zip_uint8_t *match;
zip_int64_t buf_offset;
zip_uint64_t buflen;
- zip_int64_t a;
- zip_int64_t best;
zip_error_t error;
zip_buffer_t *buffer;
@@ -600,7 +702,6 @@ _zip_find_central_dir(zip_t *za, zip_uint64_t len) {
return NULL;
}
- best = -1;
cdir = NULL;
if (buflen >= CDBUFSIZE) {
/* EOCD64 locator is before EOCD, so leave place for it */
@@ -608,165 +709,139 @@ _zip_find_central_dir(zip_t *za, zip_uint64_t len) {
}
zip_error_set(&error, ZIP_ER_NOZIP, 0);
- match = _zip_buffer_get(buffer, 0);
- /* The size of buffer never greater than CDBUFSIZE. */
- while (_zip_buffer_left(buffer) >= EOCDLEN && (match = _zip_memmem(match, (size_t)_zip_buffer_left(buffer) - (EOCDLEN - 4), (const unsigned char *)EOCD_MAGIC, 4)) != NULL) {
+ match = NULL;
+ while ((match = find_eocd(buffer, match)) != NULL) {
_zip_buffer_set_offset(buffer, (zip_uint64_t)(match - _zip_buffer_data(buffer)));
- if ((cdirnew = _zip_read_cdir(za, buffer, (zip_uint64_t)buf_offset, &error)) != NULL) {
- if (cdir) {
- if (best <= 0) {
- best = _zip_checkcons(za, cdir, &error);
- }
-
- a = _zip_checkcons(za, cdirnew, &error);
- if (best < a) {
- _zip_cdir_free(cdir);
- cdir = cdirnew;
- best = a;
- }
- else {
- _zip_cdir_free(cdirnew);
- }
+ if (_zip_read_cdir(za, buffer, (zip_uint64_t)buf_offset, &cdir, &error)) {
+ if (cdir != NULL && (za->open_flags & ZIP_CHECKCONS) && _zip_checkcons(za, cdir, &error) < 0) {
+ _zip_cdir_free(cdir);
+ cdir = NULL;
}
- else {
- cdir = cdirnew;
- if (za->open_flags & ZIP_CHECKCONS)
- best = _zip_checkcons(za, cdir, &error);
- else {
- best = 0;
- }
- }
- cdirnew = NULL;
+ break;
}
-
- match++;
- _zip_buffer_set_offset(buffer, (zip_uint64_t)(match - _zip_buffer_data(buffer)));
}
_zip_buffer_free(buffer);
- if (best < 0) {
+ if (cdir == NULL) {
_zip_error_copy(&za->error, &error);
- _zip_cdir_free(cdir);
- return NULL;
}
-
return cdir;
}
-static const unsigned char *_zip_memmem(const unsigned char *big, size_t biglen, const unsigned char *little, size_t littlelen) {
+static const unsigned char *
+find_eocd(zip_buffer_t *buffer, const unsigned char *last) {
+ const unsigned char *data = _zip_buffer_data(buffer);
const unsigned char *p;
- if (littlelen == 0) {
- return big;
+ if (last == NULL) {
+ last = data + _zip_buffer_size(buffer) - MAGIC_LEN;
}
-
- if (biglen < littlelen) {
+ else if (last == _zip_buffer_data(buffer)) {
return NULL;
}
+ else {
+ last -= 1;
+ }
- p = big;
- while (true) {
- p = (const unsigned char *)memchr(p, little[0], biglen - (littlelen - 1) - (size_t)(p - big));
- if (p == NULL) {
- return NULL;
- }
- if (memcmp(p + 1, little + 1, littlelen - 1) == 0) {
- return p;
+ for (p = last; p >= data; p -= 1) {
+ if (*p == EOCD_MAGIC[0]) {
+ if (memcmp(p, EOCD_MAGIC, MAGIC_LEN) == 0) {
+ return p;
+ }
}
- p += 1;
}
+
+ return NULL;
}
static zip_cdir_t *
-_zip_read_eocd(zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error) {
+_zip_read_eocd(zip_buffer_t *buffer, zip_uint64_t buf_offset, zip_error_t *error) {
zip_cdir_t *cd;
- zip_uint64_t i, nentry, size, offset, eocd_offset;
if (_zip_buffer_left(buffer) < EOCDLEN) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_EOCD_LENGTH_INVALID);
return NULL;
}
- eocd_offset = _zip_buffer_offset(buffer);
-
- _zip_buffer_get(buffer, 4); /* magic already verified */
-
- if (_zip_buffer_get_32(buffer) != 0) {
- zip_error_set(error, ZIP_ER_MULTIDISK, 0);
+ if ((cd = _zip_cdir_new(error)) == NULL) {
return NULL;
}
+ cd->eocd_offset = buf_offset + _zip_buffer_offset(buffer);
+ /* This function is only called where EOCD magic was found, so no need to check that here. */
+ _zip_buffer_skip(buffer, MAGIC_LEN);
+ cd->is_zip64 = false;
+ cd->this_disk = _zip_buffer_get_16(buffer);
+ cd->eocd_disk = _zip_buffer_get_16(buffer);
+
/* number of cdir-entries on this disk */
- i = _zip_buffer_get_16(buffer);
+ cd->disk_entries = _zip_buffer_get_16(buffer);
/* number of cdir-entries */
- nentry = _zip_buffer_get_16(buffer);
-
- if (nentry != i) {
- zip_error_set(error, ZIP_ER_NOZIP, 0);
- return NULL;
- }
+ cd->num_entries = _zip_buffer_get_16(buffer);
+ cd->size = _zip_buffer_get_32(buffer);
+ cd->offset = _zip_buffer_get_32(buffer);
- size = _zip_buffer_get_32(buffer);
- offset = _zip_buffer_get_32(buffer);
+ return cd;
+}
- if (offset + size < offset) {
- zip_error_set(error, ZIP_ER_SEEK, EFBIG);
- return NULL;
+static bool
+check_eocd(zip_cdir_t *cd, unsigned int flags, zip_error_t *error) {
+ if (cd->disk_entries != cd->num_entries || cd->this_disk != 0 || cd->eocd_disk != 0) {
+ zip_error_set(error, ZIP_ER_MULTIDISK, 0);
+ return false;
}
- if (offset + size > buf_offset + eocd_offset) {
- /* cdir spans past EOCD record */
- zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_OVERLAPS_EOCD);
- return NULL;
+ if (cd->offset + cd->size < cd->offset) {
+ zip_error_set(error, ZIP_ER_SEEK, EFBIG);
+ return false;
}
-
- if ((flags & ZIP_CHECKCONS) && offset + size != buf_offset + eocd_offset) {
+ if ((flags & ZIP_CHECKCONS) && cd->offset + cd->size != cd->eocd_offset) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_LENGTH_INVALID);
- return NULL;
+ return false;
}
- if ((cd = _zip_cdir_new(nentry, error)) == NULL)
- return NULL;
-
- cd->is_zip64 = false;
- cd->size = size;
- cd->offset = offset;
-
- return cd;
+ return true;
}
-static zip_cdir_t *
-_zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error) {
- zip_cdir_t *cd;
+cdir_status_t _zip_read_eocd64(zip_cdir_t *cdir, zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offset, unsigned int flags, zip_error_t *error) {
zip_uint64_t offset;
zip_uint8_t eocd[EOCD64LEN];
zip_uint64_t eocd_offset;
zip_uint64_t size, nentry, i, eocdloc_offset;
bool free_buffer;
- zip_uint32_t num_disks, num_disks64, eocd_disk, eocd_disk64;
+ zip_uint32_t num_disks, eocd_disk, this_disk;
eocdloc_offset = _zip_buffer_offset(buffer);
_zip_buffer_get(buffer, 4); /* magic already verified */
- num_disks = _zip_buffer_get_16(buffer);
- eocd_disk = _zip_buffer_get_16(buffer);
+ eocd_disk = _zip_buffer_get_32(buffer);
eocd_offset = _zip_buffer_get_64(buffer);
+ num_disks = _zip_buffer_get_32(buffer);
+
+ if (!check_magic(eocd_offset, buffer, buf_offset, src, EOCD64_MAGIC)) {
+ return CDIR_NOT_FOUND;
+ }
+
+ if (num_disks != 1) {
+ zip_error_set(error, ZIP_ER_MULTIDISK, 0);
+ return CDIR_INVALID;
+ }
/* valid seek value for start of EOCD */
if (eocd_offset > ZIP_INT64_MAX) {
zip_error_set(error, ZIP_ER_SEEK, EFBIG);
- return NULL;
+ return CDIR_INVALID;
}
/* does EOCD fit before EOCD locator? */
if (eocd_offset + EOCD64LEN > eocdloc_offset + buf_offset) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_EOCD64_OVERLAPS_EOCD);
- return NULL;
+ return CDIR_INVALID;
}
/* make sure current position of buffer is beginning of EOCD */
@@ -777,10 +852,10 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
else {
if (zip_source_seek(src, (zip_int64_t)eocd_offset, SEEK_SET) < 0) {
zip_error_set_from_source(error, src);
- return NULL;
+ return CDIR_INVALID;
}
if ((buffer = _zip_buffer_new_from_source(src, EOCD64LEN, eocd, error)) == NULL) {
- return NULL;
+ return CDIR_INVALID;
}
free_buffer = true;
}
@@ -790,7 +865,7 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
if (free_buffer) {
_zip_buffer_free(buffer);
}
- return NULL;
+ return CDIR_INVALID;
}
/* size of EOCD */
@@ -802,47 +877,29 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
if (free_buffer) {
_zip_buffer_free(buffer);
}
- return NULL;
+ return CDIR_INVALID;
}
_zip_buffer_get(buffer, 4); /* skip version made by/needed */
- num_disks64 = _zip_buffer_get_32(buffer);
- eocd_disk64 = _zip_buffer_get_32(buffer);
-
- /* if eocd values are 0xffff, we have to use eocd64 values.
- otherwise, if the values are not the same, it's inconsistent;
- in any case, if the value is not 0, we don't support it */
- if (num_disks == 0xffff) {
- num_disks = num_disks64;
- }
- if (eocd_disk == 0xffff) {
- eocd_disk = eocd_disk64;
- }
- if ((flags & ZIP_CHECKCONS) && (eocd_disk != eocd_disk64 || num_disks != num_disks64)) {
- zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_EOCD64_MISMATCH);
+ this_disk = _zip_buffer_get_32(buffer);
+ if (_zip_buffer_get_32(buffer) != eocd_disk) {
+ zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_EOCD64_LOCATOR_MISMATCH);
if (free_buffer) {
_zip_buffer_free(buffer);
}
- return NULL;
- }
- if (num_disks != 0 || eocd_disk != 0) {
- zip_error_set(error, ZIP_ER_MULTIDISK, 0);
- if (free_buffer) {
- _zip_buffer_free(buffer);
- }
- return NULL;
+ return CDIR_INVALID;
}
- nentry = _zip_buffer_get_64(buffer);
i = _zip_buffer_get_64(buffer);
+ nentry = _zip_buffer_get_64(buffer);
if (nentry != i) {
zip_error_set(error, ZIP_ER_MULTIDISK, 0);
if (free_buffer) {
_zip_buffer_free(buffer);
}
- return NULL;
+ return CDIR_INVALID;
}
size = _zip_buffer_get_64(buffer);
@@ -854,7 +911,7 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
if (free_buffer) {
_zip_buffer_free(buffer);
}
- return NULL;
+ return CDIR_INVALID;
}
if (free_buffer) {
@@ -863,35 +920,33 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
if (offset > ZIP_INT64_MAX || offset + size < offset) {
zip_error_set(error, ZIP_ER_SEEK, EFBIG);
- return NULL;
- }
- if (offset + size > buf_offset + eocd_offset) {
- /* cdir spans past EOCD record */
- zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_OVERLAPS_EOCD);
- return NULL;
- }
- if ((flags & ZIP_CHECKCONS) && offset + size != buf_offset + eocd_offset) {
- zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_OVERLAPS_EOCD);
- return NULL;
+ return CDIR_INVALID;
}
if (nentry > size / CDENTRYSIZE) {
zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_CDIR_INVALID);
- return NULL;
+ return CDIR_INVALID;
}
- if ((cd = _zip_cdir_new(nentry, error)) == NULL)
- return NULL;
+ if ((cdir->size != 0xffffffff && cdir->size != size) || (cdir->offset != 0xffffffff && cdir->offset != offset) || (cdir->num_entries != 0xffff && cdir->num_entries != nentry) || (cdir->disk_entries != 0xffff && cdir->disk_entries != i) || (cdir->this_disk != 0xffff && cdir->this_disk != this_disk) || (cdir->eocd_disk != 0xffff && cdir->eocd_disk != eocd_disk)) {
+ zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_EOCD64_MISMATCH);
+ return CDIR_INVALID;
+ }
- cd->is_zip64 = true;
- cd->size = size;
- cd->offset = offset;
+ cdir->is_zip64 = true;
+ cdir->size = size;
+ cdir->offset = offset;
+ cdir->disk_entries = i;
+ cdir->num_entries = nentry;
+ cdir->this_disk = this_disk;
+ cdir->eocd_disk = eocd_disk;
- return cd;
+ return CDIR_OK;
}
-static int decode_hex(char c) {
+static int
+decode_hex(char c) {
if (c >= '0' && c <= '9') {
return c - '0';
}
@@ -906,17 +961,17 @@ static int decode_hex(char c) {
/* _zip_check_torrentzip:
check whether ZA has a valid TORRENTZIP comment, i.e. is torrentzipped */
-static void zip_check_torrentzip(zip_t *za, const zip_cdir_t *cdir) {
+static void
+zip_check_torrentzip(zip_t *za, const zip_cdir_t *cdir) {
zip_uint32_t crc_should;
- char buf[8+1];
+ char buf[8 + 1];
size_t i;
if (cdir == NULL) {
return;
}
- if (_zip_string_length(cdir->comment) != TORRENTZIP_SIGNATURE_LENGTH + TORRENTZIP_CRC_LENGTH
- || strncmp((const char *)cdir->comment->raw, TORRENTZIP_SIGNATURE, TORRENTZIP_SIGNATURE_LENGTH) != 0)
+ if (_zip_string_length(cdir->comment) != TORRENTZIP_SIGNATURE_LENGTH + TORRENTZIP_CRC_LENGTH || strncmp((const char *)cdir->comment->raw, TORRENTZIP_SIGNATURE, TORRENTZIP_SIGNATURE_LENGTH) != 0)
return;
memcpy(buf, cdir->comment->raw + TORRENTZIP_SIGNATURE_LENGTH, TORRENTZIP_CRC_LENGTH);
@@ -934,8 +989,8 @@ static void zip_check_torrentzip(zip_t *za, const zip_cdir_t *cdir) {
{
zip_stat_t st;
- zip_source_t* src_window;
- zip_source_t* src_crc;
+ zip_source_t *src_window;
+ zip_source_t *src_crc;
zip_uint8_t buffer[512];
zip_int64_t ret;
@@ -943,7 +998,7 @@ static void zip_check_torrentzip(zip_t *za, const zip_cdir_t *cdir) {
st.valid |= ZIP_STAT_SIZE | ZIP_STAT_CRC;
st.size = cdir->size;
st.crc = crc_should;
- if ((src_window = _zip_source_window_new(za->src, cdir->offset, cdir->size, &st, 0, NULL, NULL, 0, false, NULL)) == NULL) {
+ if ((src_window = _zip_source_window_new(za->src, cdir->offset, cdir->size, &st, 0, NULL, NULL, NULL, 0, false, NULL)) == NULL) {
return;
}
if ((src_crc = zip_source_crc_create(src_window, 1, NULL)) == NULL) {