fix: encrypted ZIP reports SecurityViolation instead of misleading corruption hint #92

Merged: bug-ops merged 3 commits into main from bug-encrypted-zip-reports-misl, Mar 15, 2026
bug-ops (Owner) commented Mar 15, 2026

Summary

  • Detect the "Password required to decrypt file" error from the zip crate in `check_entry_encrypted()` and return `Ok(true)` instead of wrapping it as `InvalidArchive`
  • Detect the same error in `process_entry()` and return `SecurityViolation` instead of `InvalidArchive`, matching the 7z encryption error style
  • Add regression test `test_encrypted_zip_rejected_with_security_violation` that creates a real ZipCrypto-encrypted archive in-memory and verifies the correct error variant is returned

Closes #83

Test plan

  • `cargo nextest run -E 'test(encrypted)'` — all 3 encrypted-related tests pass
  • `cargo +nightly fmt --all -- --check` — no formatting issues
  • `cargo clippy --all-targets --all-features --workspace -- -D warnings` — no warnings
  • `RUSTDOCFLAGS="-D warnings" cargo doc --no-deps --all-features --workspace` — no doc warnings
  • `cargo nextest run --workspace --all-features --exclude exarch-python --exclude exarch-node --lib --bins` — 512 tests, all passed
  • `cargo deny check` — no advisories

bug-ops added 3 commits March 15, 2026 01:29
…Archive

When ZipCrypto-encrypted entries are opened via by_index(), the zip crate
returns ZipError::UnsupportedArchive("Password required to decrypt file")
before returning a ZipFile handle. This caused check_entry_encrypted() and
process_entry() to wrap the error as InvalidArchive, bypassing the
SecurityViolation branch and showing a confusing "archive may be corrupted"
hint.

Fix: detect the PASSWORD_REQUIRED error string in both call sites and
return Ok(true) / SecurityViolation respectively, matching the 7z behavior.
Add regression test using ZipCrypto-encrypted in-memory archive.

github-actions bot added the core (Changes to exarch-core) and docs (Documentation) labels Mar 15, 2026
bug-ops enabled auto-merge (squash) March 15, 2026 00:38
bug-ops merged commit d4c7930 into main Mar 15, 2026
20 checks passed
bug-ops deleted the bug-encrypted-zip-reports-misl branch March 15, 2026 00:41

bug-ops added a commit that referenced this pull request Mar 15, 2026
The list path missed the encryption check that was added in #92 for
the extract path. `list_zip` called `archive.by_index(i)` and wrapped
all errors as `InvalidArchive`, so encrypted archives produced a
misleading "unsupported Zip archive: Password required" message.

Apply the same dual-check pattern from `zip.rs`: detect the
"Password required to decrypt file" error string in `map_err` and
check `entry.encrypted()` after a successful open, both returning
`SecurityViolation { reason: "archive is password-protected" }`.

Adds a regression test covering the encrypted ZIP list path.
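
The ZIP format marks an encrypted entry with bit 0 of its general purpose bit flag, so the condition can also be read from the archive bytes instead of from an error string. The following is an added example, not exarch's code and not using the zip crate: it scans the central directory for that bit and returns the error variants named in this thread. The enum shape, function names and sample bytes are assumptions, and ZIP64 archives are not handled.

```rust
// Added example (std only), not exarch's code. The enum mirrors the variant
// names on this page; its exact shape is an assumption.
#[derive(Debug, PartialEq)]
pub enum ExtractError {
    SecurityViolation { reason: String },
    InvalidArchive(String),
}

fn le(b: &[u8], off: usize, n: usize) -> Option<usize> { // little-endian read
    let s = b.get(off..off.checked_add(n)?)?;
    Some(s.iter().rev().fold(0, |a, &x| (a << 8) | x as usize))
}

/// Scans the central directory; Ok(entry count) if no entry is encrypted.
pub fn reject_encrypted(zip: &[u8]) -> Result<usize, ExtractError> {
    let bad = |m: &str| ExtractError::InvalidArchive(m.into());
    let eocd = (0..=zip.len().saturating_sub(22)).rev()
        .find(|&i| zip[i..].starts_with(b"PK\x05\x06")) // end-of-central-directory
        .ok_or_else(|| bad("no end-of-central-directory record"))?;
    let count = le(zip, eocd + 10, 2).ok_or_else(|| bad("truncated EOCD"))?;
    let mut off = le(zip, eocd + 16, 4).ok_or_else(|| bad("truncated EOCD"))?;
    for _ in 0..count {
        if le(zip, off, 4) != Some(0x0201_4b50) {
            return Err(bad("bad central directory header"));
        }
        // General purpose bit flag at offset 8; bit 0 set = entry is encrypted.
        let flags = le(zip, off + 8, 2).ok_or_else(|| bad("truncated header"))?;
        if flags & 1 != 0 {
            let reason = "archive is password-protected".to_string();
            return Err(ExtractError::SecurityViolation { reason });
        }
        let var = (28..34).step_by(2).map(|o| le(zip, off + o, 2)).sum::<Option<usize>>();
        off += 46 + var.ok_or_else(|| bad("truncated header"))?; // fixed part + name/extra/comment
    }
    Ok(count)
}

/// Constructed sample: one empty stored entry "a" carrying the given flags.
pub fn sample_zip(flags: u16) -> Vec<u8> {
    let f = flags.to_le_bytes();
    let parts: [&[u8]; 12] = [
        b"PK\x03\x04\x14\x00", &f, &[0; 18], &[1, 0, 0, 0], b"a",  // local header
        b"PK\x01\x02\x14\x00\x14\x00", &f, &[0; 18],               // central header
        &[1, 0], &[0; 16], b"a",                                   // name len, rest, name
        b"PK\x05\x06\0\0\0\0\x01\0\x01\0\x2f\0\0\0\x1f\0\0\0\0\0", // EOCD
    ];
    parts.concat()
}

fn main() { println!("{:?}", reject_encrypted(&sample_zip(1))); }
```

Input that is not a ZIP at all still comes back as `InvalidArchive`, so the two failure classes stay distinct for the caller.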
Development

Successfully merging this pull request may close these issues.

bug: encrypted ZIP reports misleading 'corrupted or malformed' error instead of 'encrypted'