Skip to content

Commit

Permalink
Do not accept zip files with invalid headers.
Browse files Browse the repository at this point in the history
According to Section 4.3.6 in [1] non-empty zip file starts with
local file header. 4.3.1 allows empty files, and in such case
file starts with "end of central directory record".

This aligns ZipFile with libziparchive modulo empty zip files -
libziparchive rejects them.

Tests are skipped because sc-dev branch uses ART module
prebuilts, but builds tests from sources which leads to presubmit
failures.

Ignore-AOSP-First: b/309938635#comment1

[1] https://pkwaredownloads.blob.core.windows.net/pem/APPNOTE.txt

Bug: 309938635
Test: CtsLibcoreTestCases
Test: CtsLibcoreOjTestCases
(cherry picked from commit 288a44a1817707110cdf5a3a6ef8377c6e10cce2)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:5a6809400627ab1c8dbb76f92dfb89daae6b2f65)
Merged-In: I545cdd49ec3cc138331145f4716c8148662a478b
Change-Id: I545cdd49ec3cc138331145f4716c8148662a478b
  • Loading branch information
Yqwed authored and Android Build Coastguard Worker committed Aug 7, 2024
1 parent 7267082 commit dc4486b
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions ojluni/src/main/native/zip_util.c
Original file line number Diff line number Diff line change
Expand Up @@ -900,6 +900,17 @@ ZIP_Put_In_Cache0(const char *name, ZFILE zfd, char **pmsg, jlong lastModified,
zip->locsig = JNI_TRUE;
else
zip->locsig = JNI_FALSE;

// BEGIN Android-changed: do not accept files with invalid header.
if (GETSIG(errbuf) != LOCSIG && GETSIG(errbuf) != ENDSIG) {
if (pmsg) {
*pmsg = strdup("Entry at offset zero has invalid LFH signature.");
}
ZFILE_Close(zfd);
freeZip(zip);
return NULL;
}
// END Android-changed: do not accept files with invalid header.
}

// This lseek is safe because it happens during construction of the ZipFile
Expand Down

0 comments on commit dc4486b

Please sign in to comment.