https://bugs.kde.org/show_bug.cgi?id=329579
Stefan Brüns <stefan.bru...@rwth-aachen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Latest Commit| |https://invent.kde.org/fram
| |eworks/karchive/-/commit/e2
| |0f869437fc4dd979e36e8f18403
| |a03920b148e
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #4 from Stefan Brüns <stefan.bru...@rwth-aachen.de> ---
Git commit e20f869437fc4dd979e36e8f18403a03920b148e by Stefan Brüns.
Committed on 16/04/2025 at 15:31.
Pushed by bruns into branch 'master'.
kzip: Fix position calculation for archives with prepended arbitrary data
There are two variants of non-ZIP data before the first Local File Header.
Either with offset in the Central Directory reflecting the actual
position, i.e. the first entry offset in the CD will point just after the
additional non-ZIP header instead of 0. This is the case for e.g.
self-extracting archives from WinZIP.
The other is just a concatenation of non-ZIP data and a regular ZIP file,
i.e. the first entry in the CD will contain an offset value of 0.
unzip (Info-ZIP) and bsdunzip (libarchive) accept both variants (unzip -v
provides a warning - "warning [xxx.zip]: 61 extra bytes at beginning or
within zipfile"), libzip requires an explicit offset (-o 61) for the
latter.
Verify if the (adjusted) local file header offset in the Central
Directory match the seen positions, bail out otherwise. Provide a
warning similar to unzip in case there is extra data.
Limit the initial header search to the first 4 MByte (previously
unlimited). Also provide a more specific error message.
M +26 -0 autotests/karchivetest.cpp
M +1 -0 autotests/karchivetest.h
M +27 -4 src/kzip.cpp
https://invent.kde.org/frameworks/karchive/-/commit/e20f869437fc4dd979e36e8f18403a03920b148e
--
You are receiving this mail because:
You are watching all bug changes.
