alex/spacedrive
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Trigger virus if size mismatch

Browse source
This commit is contained in:
atxr 2024-02-28 03:21:41 +01:00
parent c06790d5e0
commit 321daf3ac8
2 changed files with 2 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

16
libmineziper/src/libmineziper.c
View file

@ -54,23 +54,11 @@ bool scan_decoded_files(zip zip)
LFH* lfh = (LFH*) (zip.start + zip.lfh_off[i]);
// Verify CDH/LFH parsed sizes to avoid undefined behavior
// Trigger virus alert if mismatching sizes
if (lfh->filename_length != zip.cdh_filename_length[i])
{
fprintf(
stderr,
"[ERROR] Mismatch in CDH/LFH filename lengths. Local file might be "
"malformed.\nSkipping file...\n");
continue;
}
for (int k = 0; k < blocklist_size; k++)
{
char* filename = zip.start + zip.lfh_off[i] + sizeof(LFH);
if (strcmp(blocklist[k], filename) == 0)
{
fprintf(stderr, "[ERROR] Forbidden filename found in zip archive.\n");
fprintf(stderr, "[ERROR] Mismatch in CDH/LFH filename lengths.\n");
return true;
}
}
data* decoded = malloc(sizeof(data));