On Wed, 28 Nov 2012, M Joonas Pihlaja wrote:
> Package: unzip
> Version: 6.0-7
> Severity: grave
> Tags: upstream
> Justification: causes non-serious data loss
>
> Dear Maintainer,
>
> Unzipping an archive gives me CRC errors and corrupt files. Please consider
> adding -DNOMEMCPY to the compile line. I was merrily unzipping an
> archive when I came across CRC errors for some of the extracted files:
>
> $ unzip ../walk_network_20120628.zip
> Archive: ../walk_network_20120628.zip
> inflating: walk_network.shx
> inflating: walk_network.dbf bad CRC b3242663 (should be 7d1b61e0)
> inflating: walk_network.prj
> inflating: walk_network.sbn
> inflating: walk_network.sbx
> inflating: walk_network.shp bad CRC 13443cc8 (should be 0adaa078)
> inflating: walk_network.shp.xml
>
> The extracted files are corrupted. I suspected a memory failure
> so ran memtester with a large percentage of ram under test. Nothing
> showed up and grumpyness ensued.
>
> So I downloaded the source using apt-get source unzip, built
> the unzip executable with flags -O0 -g and removed the -s
> flag from the link line to not strip the resulting binaries, like so:
>
> $ make -B -f unix/Makefile LF2="" CFLAGS="-O0 -g" unzip
> [...]
>
> Running the unzip command above under valgrind and tells me this:
>
> $ valgrind ../unzip-6.0/unzip ../lvm_walk_network_20120628.zip
> ==19732== Memcheck, a memory error detector
> ==19732== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
> ==19732== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
> ==19732== Command: ../unzip-6.0/unzip ../walk_network_20120628.zip
> ==19732==
> Archive: ../walk_network_20120628.zip
> inflating: walk_network.shx
> inflating: walk_network.dbf ==19732== Source and destination overlap in
> memcpy(0x70dd44, 0x70dd72, 74)
> ==19732== at 0x4C2A690: memcpy (mc_replace_strmem.c:838)
> ==19732== by 0x40D377: inflate_codes (inflate.c:1021)
> ==19732== by 0x40E151: inflate_dynamic (inflate.c:1373)
> ==19732== by 0x40E2D0: inflate_block (inflate.c:1421)
> ==19732== by 0x40E3E7: inflate (inflate.c:1494)
> ==19732== by 0x408B38: extract_or_test_member (extract.c:1855)
> ==19732== by 0x408091: extract_or_test_entrylist (extract.c:1576)
> ==19732== by 0x406060: extract_or_test_files (extract.c:584)
> ==19732== by 0x4116D8: do_seekable (process.c:987)
> ==19732== by 0x410719: process_zipfiles (process.c:401)
> ==19732== by 0x402195: unzip (unzip.c:1253)
> ==19732== by 0x401B10: main (unzip.c:720)
> ==19732==
>
> Looking at the source I see it choosing between memcpy() and
> a hand-rolled forward copy like this:
>
> #ifndef NOMEMCPY
> if ((unsigned)w - d >= e)
> /* (this test assumes unsigned comparison) */
> {
> memcpy(redirSlide + (unsigned)w, redirSlide + d, e);
> w += e;
> d += e;
> }
> else /* do it slowly to avoid memcpy() overlap */
> #endif /* !NOMEMCPY */
> do {
> redirSlide[w++] = redirSlide[d++];
> } while (--e);
>
> The same style of test occurs in explode.c twice. So I added -DNOMEMCPY to
> the compile line, rebuilt, and ran the unzip command again. All files were
> intact without any corruption.
Thanks a lot for such a detailed bug report.
This is certainly something to be fixed in wheezy.
Working on it now.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
