View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0018106CentOS-8unzippublic2021-03-16 16:262021-03-16 16:26
Reporterkubo Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Summary0018106: extract of mixed sizes leads to an error
DescriptionWhen zip file contains a file with central directory header without
an extra filed (and thus the data descriptor is not in ZIP64 format),
G.zip64 flag is not reset.

It can cause problems for zip files with mix of files larger and smaller
than 4GB, created by compressors, which add extra fields only for files
larger than 4GB (like Java).

See https://github.com/madler/unzip/pull/6 for more details.
Steps To ReproduceDescribed in github: https://github.com/madler/unzip/pull/6

```
dd if=/dev/zero of=file_larger_than_4g bs=1024 count=4194305
dd if=/dev/zero of=file_smaller_than_4g bs=1024 count=1

cat > TestZip.java <<EOF
import java.util.zip.ZipOutputStream;
import java.util.zip.ZipEntry;
import java.io.FileInputStream;
import java.io.FileOutputStream;

class TestZip {
    private static void addFileToZip(ZipOutputStream zos, String name) throws Exception {
        byte[] buffer = new byte[2048];

        FileInputStream fis = new FileInputStream(name);
        zos.putNextEntry(new ZipEntry(name));
        int length;
        while ((length = fis.read(buffer)) > 0) {
            zos.write(buffer, 0, length);
        }
    }

    public static void main(String args[]) throws Exception {
        ZipOutputStream zos = new ZipOutputStream(new FileOutputStream("test_zip.zip"));
        addFileToZip(zos, "file_larger_than_4g");
        addFileToZip(zos, "file_smaller_than_4g");
        zos.close();
    }
}
EOF

javac TestZip.java
java TestZip

./unzip -t test_zip.zip file_smaller_than_4g
```

Without the fix:
```
[nix-shell:~/src/unzip]$ ./unzip -t test_zip.zip file_smaller_than_4g
Archive: test_zip.zip
    testing: file_smaller_than_4g OK
error: invalid zip file with overlapped components (possible zip bomb)
```

After the fix:

```
[nix-shell:~/src/unzip]$ ./unzip -t test_zip.zip file_smaller_than_4g
Archive: test_zip.zip
    testing: file_smaller_than_4g OK
No errors detected in test_zip.zip for the 1 file tested.
```
Additional InformationThe fix is already inplace in upstream, please patch the OS' unzip: https://github.com/madler/unzip/commit/122050bac16fae82a460ff739fb1ca0f106e9d85
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-03-16 16:26 kubo New Issue