From cd7a01c34fc4304ef8161ee617568f274ace5d24 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 18 Mar 2018 23:13:40 +0100
Subject: Windows: Update libzip to version 1.5.0 that include fixes for some
 security issues.

---
 src/Common/libzip/zip_source_win32handle.c | 133 +++++++++++++----------------
 1 file changed, 60 insertions(+), 73 deletions(-)

(limited to 'src/Common/libzip/zip_source_win32handle.c')

diff --git a/src/Common/libzip/zip_source_win32handle.c b/src/Common/libzip/zip_source_win32handle.c
index 7fe003dc..8cef9198 100644
--- a/src/Common/libzip/zip_source_win32handle.c
+++ b/src/Common/libzip/zip_source_win32handle.c
@@ -1,40 +1,41 @@
 /*
-zip_source_win32file.c -- create data source from HANDLE (Win32)
-Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner
-
-This file is part of libzip, a library to manipulate ZIP archives.
-The authors can be contacted at <libzip@nih.at>
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in
-the documentation and/or other materials provided with the
-distribution.
-3. The names of the authors may not be used to endorse or promote
-products derived from this software without specific prior
-written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
-OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
-IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
-IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  zip_source_win32file.c -- create data source from HANDLE (Win32)
+  Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner
+
+  This file is part of libzip, a library to manipulate ZIP archives.
+  The authors can be contacted at <libzip@nih.at>
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions
+  are met:
+  1. Redistributions of source code must retain the above copyright
+  notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimer in
+  the documentation and/or other materials provided with the
+  distribution.
+  3. The names of the authors may not be used to endorse or promote
+  products derived from this software without specific prior
+  written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
+  OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+  GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+  IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+  IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
 
-#include <wchar.h>
+#include <aclapi.h>
 #include <stdlib.h>
 #include <string.h>
+#include <wchar.h>
 
 #include "zipint.h"
 #include "zipwin32.h"
@@ -48,8 +49,7 @@ static int _zip_win32_error_to_errno(unsigned long win32err);
 static int _zip_stat_win32(void *h, zip_stat_t *st, _zip_source_win32_read_file_t *ctx);
 
 ZIP_EXTERN zip_source_t *
-zip_source_win32handle(zip_t *za, HANDLE h, zip_uint64_t start, zip_int64_t len)
-{
+zip_source_win32handle(zip_t *za, HANDLE h, zip_uint64_t start, zip_int64_t len) {
     if (za == NULL)
 	return NULL;
 
@@ -58,8 +58,7 @@ zip_source_win32handle(zip_t *za, HANDLE h, zip_uint64_t start, zip_int64_t len)
 
 
 ZIP_EXTERN zip_source_t *
-zip_source_win32handle_create(HANDLE h, zip_uint64_t start, zip_int64_t length, zip_error_t *error)
-{
+zip_source_win32handle_create(HANDLE h, zip_uint64_t start, zip_int64_t length, zip_error_t *error) {
     if (h == INVALID_HANDLE_VALUE || length < -1) {
 	zip_error_set(error, ZIP_ER_INVAL, 0);
 	return NULL;
@@ -70,8 +69,7 @@ zip_source_win32handle_create(HANDLE h, zip_uint64_t start, zip_int64_t length,
 
 
 zip_source_t *
-_zip_source_win32_handle_or_name(const void *fname, HANDLE h, zip_uint64_t start, zip_int64_t len, int closep, const zip_stat_t *st, _zip_source_win32_file_ops_t *ops, zip_error_t *error)
-{
+_zip_source_win32_handle_or_name(const void *fname, HANDLE h, zip_uint64_t start, zip_int64_t len, int closep, const zip_stat_t *st, _zip_source_win32_file_ops_t *ops, zip_error_t *error) {
     _zip_source_win32_read_file_t *ctx;
     zip_source_t *zs;
 
@@ -140,8 +138,7 @@ _zip_source_win32_handle_or_name(const void *fname, HANDLE h, zip_uint64_t start
 
 
 static zip_int64_t
-_win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd)
-{
+_win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd) {
     _zip_source_win32_read_file_t *ctx;
     char *buf;
     zip_uint64_t n;
@@ -347,8 +344,8 @@ _win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd
 		if (h == INVALID_HANDLE_VALUE) {
 		    win32err = GetLastError();
 		    if (win32err == ERROR_FILE_NOT_FOUND || win32err == ERROR_PATH_NOT_FOUND) {
-		        zip_error_set(&ctx->error, ZIP_ER_READ, ENOENT);
-		        return -1;
+			zip_error_set(&ctx->error, ZIP_ER_READ, ENOENT);
+			return -1;
 		    }
 		}
 	    }
@@ -376,8 +373,7 @@ _win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd
     case ZIP_SOURCE_TELL:
 	return (zip_int64_t)ctx->current;
 
-    case ZIP_SOURCE_TELL_WRITE:
-    {
+    case ZIP_SOURCE_TELL_WRITE: {
 	LARGE_INTEGER zero;
 	LARGE_INTEGER offset;
 
@@ -390,8 +386,7 @@ _win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd
 	return offset.QuadPart;
     }
 
-    case ZIP_SOURCE_WRITE:
-    {
+    case ZIP_SOURCE_WRITE: {
 	DWORD ret;
 	if (!WriteFile(ctx->hout, data, (DWORD)len, &ret, NULL) || ret != len) {
 	    zip_error_set(&ctx->error, ZIP_ER_WRITE, _zip_win32_error_to_errno(GetLastError()));
@@ -409,8 +404,7 @@ _win32_read_file(void *state, void *data, zip_uint64_t len, zip_source_cmd_t cmd
 
 
 static int
-_win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
-{
+_win32_create_temp_file(_zip_source_win32_read_file_t *ctx) {
     zip_uint32_t value;
     /*
     Windows has GetTempFileName(), but it closes the file after
@@ -420,12 +414,12 @@ _win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
     int i;
     HANDLE th = INVALID_HANDLE_VALUE;
     void *temp = NULL;
-    SECURITY_INFORMATION si;
-    SECURITY_ATTRIBUTES sa;
     PSECURITY_DESCRIPTOR psd = NULL;
     PSECURITY_ATTRIBUTES psa = NULL;
-    DWORD len;
-    BOOL success;
+    SECURITY_ATTRIBUTES sa;
+    SECURITY_INFORMATION si;
+    DWORD success;
+    PACL dacl = NULL;
 
     /*
     Read the DACL from the original file, so we can copy it to the temp file.
@@ -434,16 +428,8 @@ _win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
     */
     if (ctx->h != INVALID_HANDLE_VALUE && GetFileType(ctx->h) == FILE_TYPE_DISK) {
 	si = DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION;
-	len = 0;
-	success = GetUserObjectSecurity(ctx->h, &si, NULL, len, &len);
-	if (!success && GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
-	    if ((psd = (PSECURITY_DESCRIPTOR)malloc(len)) == NULL) {
-		zip_error_set(&ctx->error, ZIP_ER_MEMORY, 0);
-		return -1;
-	    }
-	    success = GetUserObjectSecurity(ctx->h, &si, psd, len, &len);
-	}
-	if (success) {
+	success = GetSecurityInfo(ctx->h, SE_FILE_OBJECT, si, NULL, NULL, &dacl, NULL, &psd);
+	if (success == ERROR_SUCCESS) {
 	    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
 	    sa.bInheritHandle = FALSE;
 	    sa.lpSecurityDescriptor = psd;
@@ -451,7 +437,13 @@ _win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
 	}
     }
 
+
+#ifndef MS_UWP
     value = GetTickCount();
+#else
+    value = (zip_uint32_t)GetTickCount64();
+#endif
+
     for (i = 0; i < 1024 && th == INVALID_HANDLE_VALUE; i++) {
 	th = ctx->ops->op_create_temp(ctx, &temp, value + i, psa);
 	if (th == INVALID_HANDLE_VALUE && GetLastError() != ERROR_FILE_EXISTS)
@@ -460,12 +452,12 @@ _win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
 
     if (th == INVALID_HANDLE_VALUE) {
 	free(temp);
-	free(psd);
+	LocalFree(psd);
 	zip_error_set(&ctx->error, ZIP_ER_TMPOPEN, _zip_win32_error_to_errno(GetLastError()));
 	return -1;
     }
 
-    free(psd);
+    LocalFree(psd);
     ctx->hout = th;
     ctx->tmpname = temp;
 
@@ -474,8 +466,7 @@ _win32_create_temp_file(_zip_source_win32_read_file_t *ctx)
 
 
 static int
-_zip_seek_win32_u(HANDLE h, zip_uint64_t offset, int whence, zip_error_t *error)
-{
+_zip_seek_win32_u(HANDLE h, zip_uint64_t offset, int whence, zip_error_t *error) {
     if (offset > ZIP_INT64_MAX) {
 	zip_error_set(error, ZIP_ER_SEEK, EOVERFLOW);
 	return -1;
@@ -485,8 +476,7 @@ _zip_seek_win32_u(HANDLE h, zip_uint64_t offset, int whence, zip_error_t *error)
 
 
 static int
-_zip_seek_win32(HANDLE h, zip_int64_t offset, int whence, zip_error_t *error)
-{
+_zip_seek_win32(HANDLE h, zip_int64_t offset, int whence, zip_error_t *error) {
     LARGE_INTEGER li;
     DWORD method;
 
@@ -516,8 +506,7 @@ _zip_seek_win32(HANDLE h, zip_int64_t offset, int whence, zip_error_t *error)
 
 
 static int
-_zip_win32_error_to_errno(DWORD win32err)
-{
+_zip_win32_error_to_errno(DWORD win32err) {
     /*
     Note: This list isn't exhaustive, but should cover common cases.
     */
@@ -543,8 +532,7 @@ _zip_win32_error_to_errno(DWORD win32err)
 
 
 static int
-_zip_stat_win32(HANDLE h, zip_stat_t *st, _zip_source_win32_read_file_t *ctx)
-{
+_zip_stat_win32(HANDLE h, zip_stat_t *st, _zip_source_win32_read_file_t *ctx) {
     FILETIME mtimeft;
     time_t mtime;
     LARGE_INTEGER size;
@@ -586,8 +574,7 @@ _zip_stat_win32(HANDLE h, zip_stat_t *st, _zip_source_win32_read_file_t *ctx)
 
 
 static int
-_zip_filetime_to_time_t(FILETIME ft, time_t *t)
-{
+_zip_filetime_to_time_t(FILETIME ft, time_t *t) {
     /*
     Inspired by http://stackoverflow.com/questions/6161776/convert-windows-filetime-to-second-in-unix-linux
     */
-- 
cgit v1.2.3