[PATCH] Improve unzip's handling of stream ZIP files
Denys Vlasenko
vda.linux at googlemail.com
Fri Jun 18 11:33:00 UTC 2010
On Fri, Jun 18, 2010 at 7:28 AM, Dan Fandrich <dan at coneharvesters.com> wrote:
> I found that unzip couldn't handle certain ZIP files with long comments
> because the routine that searches for the magic numbers at the end of the
> file didn't search hard enough. Signed ZIP files for Android are some that
> fall into this category, and you can produce your own like this:
>
> $ yes | head -1000 | zip - - | cat >badzip.zip
> adding: - (deflated 99%)
> $ yes | head -1000 | zip -z badzip.zip
> enter new zip file comment (end with .):
> $ busybox unzip -l badzip.zip
> Archive: badzip.zip
> Length Date Time Name
> -------- ---- ---- ----
> unzip: can't find file table
>
> The patch increases the search distance from 1 KiB to 16 KiB, which should
> be enough to cover most situations. I used the heap to hold that
> sized buffer to deal better with platforms that have small stack sizes.
This free() is surely not needed:
+ free(buf);
bb_error_msg_and_die("can't find file table");
Commented it out and applied, thanks!
--
vda
More information about the busybox
mailing list