Windows: Update libzip to version 1.5.0 that include fixes for some security issues.

2026-01-04 04:38:12 -06:00 · 2018-03-18 23:13:40 +01:00
parent 49a8e52139
commit cd7a01c34f
118 changed files with 4666 additions and 3444 deletions
--- a/src/Common/libzip/zip_file_get_offset.c
+++ b/src/Common/libzip/zip_file_get_offset.c
@@ -1,6 +1,6 @@
 /*
  zip_file_get_offset.c -- get offset of file data in archive.
-  Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner
+  Copyright (C) 1999-2017 Dieter Baron and Thomas Klausner

  This file is part of libzip, a library to manipulate ZIP archives.
  The authors can be contacted at <libzip@nih.at>
@@ -17,7 +17,7 @@
  3. The names of the authors may not be used to endorse or promote
     products derived from this software without specific prior
     written permission.
- 
+
  THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
  OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -35,8 +35,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/types.h>
 #include <sys/stat.h>
+#include <sys/types.h>

 #include "zipint.h"

@@ -48,11 +48,15 @@
 */

 zip_uint64_t
-_zip_file_get_offset(const zip_t *za, zip_uint64_t idx, zip_error_t *error)
-{
+_zip_file_get_offset(const zip_t *za, zip_uint64_t idx, zip_error_t *error) {
    zip_uint64_t offset;
    zip_int32_t size;

+    if (za->entry[idx].orig == NULL) {
+	zip_error_set(error, ZIP_ER_INTERNAL, 0);
+	return 0;
+    }
+
    offset = za->entry[idx].orig->offset;

    if (zip_source_seek(za->src, (zip_int64_t)offset, SEEK_SET) < 0) {
@@ -61,13 +65,56 @@ _zip_file_get_offset(const zip_t *za, zip_uint64_t idx, zip_error_t *error)
    }

    /* TODO: cache? */
-    if ((size=_zip_dirent_size(za->src, ZIP_EF_LOCAL, error)) < 0)
+    if ((size = _zip_dirent_size(za->src, ZIP_EF_LOCAL, error)) < 0)
 	return 0;

-    if (offset+(zip_uint32_t)size > ZIP_INT64_MAX) {
-        zip_error_set(error, ZIP_ER_SEEK, EFBIG);
-        return 0;
+    if (offset + (zip_uint32_t)size > ZIP_INT64_MAX) {
+	zip_error_set(error, ZIP_ER_SEEK, EFBIG);
+	return 0;
    }
-    
+
    return offset + (zip_uint32_t)size;
 }
+
+zip_uint64_t
+_zip_file_get_end(const zip_t *za, zip_uint64_t index, zip_error_t *error) {
+    zip_uint64_t offset;
+    zip_dirent_t *entry;
+
+    if ((offset = _zip_file_get_offset(za, index, error)) == 0) {
+	return 0;
+    }
+
+    entry = za->entry[index].orig;
+
+    if (offset + entry->comp_size < offset || offset + entry->comp_size > ZIP_INT64_MAX) {
+	zip_error_set(error, ZIP_ER_SEEK, EFBIG);
+	return 0;
+    }
+    offset += entry->comp_size;
+
+    if (entry->bitflags & ZIP_GPBF_DATA_DESCRIPTOR) {
+	zip_uint8_t buf[4];
+	if (zip_source_seek(za->src, (zip_int64_t)offset, SEEK_SET) < 0) {
+	    _zip_error_set_from_source(error, za->src);
+	    return 0;
+	}
+	if (zip_source_read(za->src, buf, 4) != 4) {
+	    _zip_error_set_from_source(error, za->src);
+	    return 0;
+	}
+	if (memcmp(buf, DATADES_MAGIC, 4) == 0) {
+	    offset += 4;
+	}
+	offset += 12;
+	if (_zip_dirent_needs_zip64(entry, 0)) {
+	    offset += 8;
+	}
+	if (offset > ZIP_INT64_MAX) {
+	    zip_error_set(error, ZIP_ER_SEEK, EFBIG);
+	    return 0;
+	}
+    }
+
+    return offset;
+}