crx_file: Error early for CRXs with ZIP markers in header.

Bug: 1513379 Change-Id: I029b4f15778df0c150866b1f49a9b5b2924690ed Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5141787 Commit-Queue: Joshua Pawlicki <waffles@chromium.org> Auto-Submit: Joshua Pawlicki <waffles@chromium.org> Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com> Commit-Queue: Sorin Jianu <sorin@chromium.org> Reviewed-by: Sorin Jianu <sorin@chromium.org> Cr-Commit-Position: refs/heads/main@{#1239849}
chromium · Dec 20, 2023 · 989eddc · 989eddc
1 parent 581f3a6
commit 989eddc
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/components/crx_file/crx_verifier.cc b/components/crx_file/crx_verifier.cc
@@ -4,6 +4,7 @@
 
 #include "components/crx_file/crx_verifier.h"
 
+#include <algorithm>
 #include <climits>
 #include <cstring>
 #include <iterator>
@@ -43,6 +44,9 @@ constexpr uint8_t kPublisherTestKeyHash[] = {
     0x5f, 0x64, 0xf3, 0xa6, 0x17, 0x03, 0x0d, 0xde, 0x21, 0x61, 0xbe,
     0xb7, 0x95, 0x91, 0x95, 0x83, 0x68, 0x12, 0xe9, 0x78, 0x1e};
 
+constexpr uint8_t kEocd[] = {'P', 'K', 0x05, 0x06};
+constexpr uint8_t kEocd64[] = {'P', 'K', 0x06, 0x07};
+
 using VerifierCollection =
     std::vector<std::unique_ptr<crypto::SignatureVerifier>>;
 using RepeatedProof = google::protobuf::RepeatedPtrField<AsymmetricKeyProof>;
@@ -109,6 +113,18 @@ VerifierResult VerifyCrx3(
       header_size) {
     return VerifierResult::ERROR_HEADER_INVALID;
   }
+
+  // If the header contains a ZIP EOCD or EOCD64 token, unzipping may not work
+  // correctly.
+  if (std::search(std::begin(header_bytes), std::end(header_bytes),
+                  std::begin(kEocd),
+                  std::end(kEocd)) != std::end(header_bytes) ||
+      std::search(std::begin(header_bytes), std::end(header_bytes),
+                  std::begin(kEocd64),
+                  std::end(kEocd64)) != std::end(header_bytes)) {
+    return VerifierResult::ERROR_HEADER_INVALID;
+  }
+
   CrxFileHeader header;
   if (!header.ParseFromArray(header_bytes.data(), header_size))
     return VerifierResult::ERROR_HEADER_INVALID;