From 80cda6954adc88eac3b99171acafea004976915b Mon Sep 17 00:00:00 2001 From: Michael Stahl Date: Fri, 8 Nov 2024 18:08:58 +0100 Subject: [PATCH] tdf#163818 package: fix recovery of zip entry local header with ... ... compressed size = 0. The problem is that vector::data() on a vector of size 0 returns nullptr, and osl_readFile into a nullptr buffer returns E_INVAL, which causes an exception to be thrown. Catch the exception, so that there is a chance to read the values from the data descriptor instead. (regression from commit 32cad89592ec04ab552399095c91dd76afb3002c and/or commit a6ad198d097fb4a503c8d5831d484ff46721134b) Change-Id: I9b2d9a930997146faf224d8033955b142fe93f58 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176289 Reviewed-by: Michael Stahl Tested-by: Jenkins --- package/qa/cppunit/data/tdf163818.odg | Bin 0 -> 11181 bytes package/qa/cppunit/test_zippackage.cxx | 22 +++++++++++++++++++ package/source/zipapi/ZipFile.cxx | 29 +++++++++++++++---------- 3 files changed, 40 insertions(+), 11 deletions(-) create mode 100644 package/qa/cppunit/data/tdf163818.odg 
diff --git a/package/qa/cppunit/data/tdf163818.odg b/package/qa/cppunit/data/tdf163818.odg new file mode 100644 index 0000000000000000000000000000000000000000..a01424acc27d5402d997c629387072e9c7e490dc GIT binary patch literal 11181 zcmch71zc3!);9`B2}nsvNF&lUAc#nJ*T8_}P{R;IND4}Kr?hmZ2+}Rx4H6DqkToCAg zzVnaPf0jb>3n_4g9she0$bKQg7HaEgixBf)vf@`V9AJhp$N$HkfQ%&{IT5o4y3Bd!dl z&?kxo?$Z_T{e?bI<3~M+M!|X~$$b;(F?T!5uEWDdN3AbzVNxt?9}CGKe{s5j^@bsj zSVTCxXNj`XXK34rL?5;7&HxQrw6({xtLstr1?#iX`9=Mq@gQ**yixPy4O2M=CA}}Z8DCWK7JK4IC~CLexwyse68|8 z-u-yqw$ywvkus=VSA{*(A`GCzFp!Ol(epfhbl0iAa9&%HbYR`VKo#5SQLOuU9DNi^ zn0v~rgrdE+!Xf?!=5KkW?#))gbfP=6I$X1#1w5BLo*|dc$FDWC-BnBbn!=^O+%i=1 zL%x~Cy(jgl*~&++Q@iaKu%=z?q3cf_N5l8Z7nEhp(7;vOQ2HM0(}9`|{K|z*+AvGM zhhHnULgFcCA8`i@Z<>TFehGlyoxZEeDe-}8uB${Nswm7Q5Nss^Su~mGKM1* z3rDjm$+8ciN`OrYD4q92LK44md7hx*GNUgBg^^)IcAShcXG{(&+@uv^-dN^3dpA1( z3am;yhoY+79G@t}=IP8#ioBT&JPe3za1ME5(^bU-@qTiI>hJ&Ku><*T%GbLQOZIr% z{JHa8kwWw`&^lD8T-Zy}4Q$H2iB;u^=Y%F^7UPYE5R}fgXO)|!dD{D0Os)DMS=k@m zGE`Nkg_IXX+h@O$(;OtnnC;=2-ZhH!$1YSp-FG^3ju~C1a&s@R1K9fA^Mrhn8`>fZ3A4uOt-*<{v%1n86qg%-1_myVJ{Uv#Z^4q8MU-K(3A$6j) zg~+Y*SlS{TBfds72jee1)o5;BMxk_xjb}SI8jXhHvCOu2%9(V%3)&gMWjPf+7NZpTx|h+qS(z-Dx#nmHpHYlC)IkmJw%^^$u`3q({S|&RV9O zEk2;}RFxrIN)x(H3W(; ze-!roBxoPD@Tzoe)$E~sBa54i!hj7sc01?E#Ya&AHa&8VM|O9*`Ixcsgy(Q_>9vQm zuKRhTD!s}=SGNJFCfQ%6@_@I4R#}!!Bj#Cz<%0>+4_$jmP%!$?*8;TEr)Wq}-l}kr zpcM!|1P3cu(d(m!Cadgym>KDG@vR9g;Y^0)Ei?u79AXFh`DuBb+A}EDh7jm=?_&*o z2kY%TW0+JkS%%OX)zxU|40kBrUmMmNN8;LSajwMj3nJ^8(3dqvf9*Y85ydZcUq;{& zGaW{ODdmhka25T@DqW{~c_!Ur%;lbYvV=PeZi+py9D~sUXPjNa|IrF7sbm_eZ!k!Z zKWEvTd1ouoo&F`#H}uRZIcqlqr3w-;fjbT219yyidv7u6QQ1`ZDhZcRc4XtX(;cyc zA>N*kuJLp>XWut3!~-OQtirvy6QX2F9nP zWVuiC$ty%GWG;5*%eZ0*lsYAyY?)nJyo}nHzwSTIRikT9A@OIRqnt7PNXw~?6KhNv zpctzt6bn`8D#U{okJ8>Jl3OXpL8e#LTBD z=mBb9mqJ>4HdQY4!;D-Kz6I{xQE43}d{>Sx*DIjTl5CElZW7MS4+`7O1%)hWn0F}N4dzKn4 z_w;}vwn?UQjYuIEOowMzKfG>0pE7s@)&eV(WVzTy48aOEz3>Gs#kUu=S3PBeh6r#8XertZ=L2nscG-&5J zYgbgs_W0XFa5^tj(ZIutvvl(Qx>kq=n7FoBsOGzwj>y!jaf9(@@j~&iZp^nv!U6g2 
z-RN_qrp&ShDgZH^jNKR$p0>{sHmoe&cpGtV$JX$MXk;K~e#1MiD;rO;gstAoXbfAY z#*O&8n|%HuYVbp`J+;=C8$_o9k>n<}bTBKjXdsF+DNr>rHu9UbI85G$NgJ`@%%lRG z!4);x@}sJL`33@c%%uWK^{%g6YlYYNjxd|z>?7`uF!Z{Ns}tYBO2N5T3s_x1%g__0Eg}p2DBe|h6P!t^a#8~^d z0@;!4(-oGKyVRNFDlQXlHBq0u9dY?VXO$L90BmwhU0AkYShw+1^|?zrDpzY0sc)0v z(=#o35bs?QN#)bXcrr62RBbZ_Uu6KZ3U58#zAGehE)W8XdRQ3huA-W25m7K6KxYyNZ3TdA5+p7zbqAg z9J#s}v$Ys5yB`mg>Pp_Tqzq63P$+=;E6-(GM$ME-h2n>+)7net^TRE(Y++~Bu{jih45;eV3Lq1Gym;i-2eLu5x{E|!MrnHeDh@KyA4SN%jqI13o6B4Z zfN=Y(A4&CsKw}V0!}Xlqa!gC_3#O?eIcD8>-qTXeomjBR_;(cfBacZOc8Y6U48zmVNJG_v>@h2)TCcIp4d^E`0T{ zW=;ijbsb|IJxkvihhLA;Y#+akwp1z(O8bbX`t{qDr#a6f>g6~T`xY28Rpw7b0{mW! zEnAycnf2fYM<1*PN~_my;L;c_ya15ngEq=hR>n}K(ZW+5n>X)WiiY$R-!d8=Np^d9 z@3_~uDh<3la0MisDOm03RNP-kQ8&{>q8J%%lmsqli+sELWMH||ll4?F7<>NpY>4gk z*_KO{r({PC>ocYXy)Xw_Ga=fCm17;Jr}~#;246RyH6&5K_Is7BZLHL-R693(VgN0) z_vskDLehO6i<6ut`-8U-Ja4#CX*2p{eKdz$AoN@QiMgkv8mMHD6z_$qWPt(B8!8#Y zfT=DAxnL*SrqDy%MVkwMH6fDp_I8^h9rM70XG@l?^KD~Qbhuy0Mqg>- z@X;tTcrM<(pna#-S+2R?>iT3+%O=$ZwhXKG^v@N;)0;2tAsrY3kWlSv$HUx(rGy2; zPM>A&lbj~nRV>;ud^%3F`?ScJG?-a-I zgohiw*GFfco!1(hu9y87F*@ji1WN2xnQ#wZw$vg|_=Y46$La>sEK94B5-~AysREYi znFR~;!o&LXAh_!+{AvXu?gr#M0i?wFBDg*u7OS4YT5|`gV*BI(5&d%6-;=Nz=DC1Z zhPlOCuA1z9F<+05tD%z5%tKg9icq-oNG{*u2`3)4>3nydN@3!OP3t^imZ>(5Hsx7r ztftZB9oII#tjScDqOtvorD~s1M0s~y4LqVfC4b#xR34C<%)aa`o(!vakqo0d0*Dz^ zsNWMBA}!99>UncHArV^|n9$&!JtUg`_2Zb-pd4!+O(t5G)K?Nt>z1A)qVQ74syS{B`&;i+^}MM?i~N8UaP7k>R`-t(YFrm`*-iGHzzF+{ z)Jm7D=}F^M#r+e_C#aD?8q<<<3%l>L_cIgK_ypqKP{_3ArAPC}bW-k_*R;r4WV=19 zO3pbQ)A?9CU!OB=KT=D9(Ex2gF z3LnLiLi=lR(n+1OH^CGxJKHzfHs+TqA3hGKPH}r$k8q?Rm)Mcc^Z?^_xTjfEW^^|* zES})Vt9kc^ESJ=aztl3%`N}JKQ4$y#Fh2mbT8_1qz|UZc3}blJdzV8>zZ3Pk@A&=Z zV@b8{_$DpYVUzXecWkNz7TWAFiAgO~fOzag4JTYLNAH&uqHtnlVT9WQrxt8E-JHE0 zW(`KQMHE|KnYkwCJ_zV{^qYwo2n~}_%C#GQPHBFR<}s~LZ2QTP#GU7^ALf@ihD(Fm zUMui+d{&+8NWWc`B4AH}3Cow!e}Sq%tQKapuB*6XYWMz4N0P}qUtU) zJ2RqASsV{gl)am!Pn*gNw_=I4cONz_uOfME5>aq{_>xYDlBa@YIp#ygYbhEERL+uQ z{jHscifEHnrz6@~566DhhBLvRBbeaN{{ixcw%o(bl~@2Pk)sYiSV7`*QJ|VimSiYg 
z44n3VQ$foqi4*}AkB_QcmTm*#jGHK9*wvbF))^37u{&_>;8>ozV+g=m%P|CrrEc*! z9KB{duNv{N23VLT2D&|myr`Pd%<_~h4A!)&F2*4m0}9W>Yh9UlM6V+>iHj#J!zJKf zx;y1(^_oyIPqGKd%jM>U)icI;)%7!PrYwu$idPp)?vzLtkH21l2LC1%jt;4Y!<>%i zL8=k##p6IoA&43nIs?C3k9dlOQe9j#4h#hrR+Ak!5K9kRBAUhHa8?j?UiFOTtR;dm zbmrNEe*sj_p!y(q;WwP&=APh)7eaV{BP$+fdjO|JFga;iRb#aytbuC;mkMVxDujFC zA58TxtgGQvWB-u!8F~0OS5%W#YyR_zE?gtH?rvzA2;DWU;P_77a5HPhYse6qS0faH zHxPRNiwR->ge5WhZ)6A>&8&Yi!7T5sRBpC@s@sgLXd=N8ELGk1jVopJPe!cMH zY)3-659e|)g~2Rrz`uoicM>2D$jO7OIbR_1uoUkx4s#qb=YrAZ};Mz2)+^$2-b;ejyR)e7+5I;ojRIQ?6Zg(vo|jD zyxP|=G6;;=@0u)Wr1FSmnXN^)1L@GqxM&ocv2RPdKZw+Yj9C(o&mXRQ5B;%UpSy37 z0kf6=Q;7aEb)^H5^R#*7;ByIAhsA>AD@{J#u(s{~HV9>GrXwP!( z$BSl(*;?(sk<`P!K0qKf;S+wHS7X7iGYMWRvM*e&B)Z6W@I>8OgBb#-gew4`00 z5stX+Cyd(CaIuyKDrFu=j!2D}B9qlohJR6u0$oyqOA7$r$$k@BW{k2Zp&zVBF{Z@V z9V291_;VY)_VW*JzwRkWL7hK1*)>`MFS5gzP&0EH>(v)MU_hq<(L&aSe4 zfx(2O1o%)@i&U=4ApH6K%QZK)w9f4nUld94*C?W%lj?)r5+EjD_#)Br>#w}EAyvm)x-u+k70G5C!9xkCq!e2 zs%gLb~dh;xwO-O zvi&EQGGBc{DSf2myW8%n#)xNs%X9fl+{z!z%&g^-lqzT{@3eec5!uoCl1N*)t zO0y5(x+an(g4YwZL`=c}R3;;G0426}=zdo(VueMosptH-T2hK0;QY|3I+B09^o+3a4owJJGwBfv~{d431b|bQ0Oq&n&?~xu7lMM z6Ab9uadP7Ioyu(y~*O0V9hwai${7@iPVhDNuIf7S=2o!mvg zQE88R>Z1(_cV!fcT{QqaRWM-Rk7LN^{)(WcJEt$B!$0^h+KiuH{=kyZ+K7tM1Jg^V1^q;tZVpPVAO@ zFEowMl$@5h^0vgd``sEJ=rAxu-XEc9ryhxe?FOvL@{Vu@>_kCC)#wB73$AAi+pZeM znhOU;Jj4HJS3Ex4oa$7m=B(R}T8ufTMq}!fC*}5?wR`bqyh4t>zN+H3kd$|Q!euB` zNs5v@-fR$(+b(TdJ6n=l4Le|P9I3TRi#Wl$j*>Tlh+vA|Y;`wL9$=P0L?X@@p)`Y>S-&?|fTuz0NF!D+i9a&Yt^Bs?F|M>hH1OO7n+rMQ?J3`M z<)$oVq}$&8>oN>h${vPe7?Wa z>^`*C|E4?n^0inXaZ-!{SsTi{Ne3N^--FwI7W@q;z$K47?=M;1LpGAz; zkR`j##&!miR=u6C->+>1-Hwq|eZV?q=>tt{If0SW3P#lVp`qm&vII09Ss&q1HCXo@`}_$hfdqaVE4)(|;pk-ga812A_r zj)2+;>!I9CT4NV=b{JopML$I66ciP%G8fB{=U{KnUnBP%ay{-Z-jx2q z-Y<=_NnF5nJ=Fll{c%Vq+%1)}+I&K?O7m&xw8LX_a19UjMo`DYV(r>k>(gLrs5+)h zuB0_hht7Lna2o7h`*6jD)s?n?Pwi$GO!#~c_e&`I}&8npjF%9a?ASg@t_FpQ~_ts^r}$}TzAKJoxagO{dj&=u`}NoIQj;pB^lX8@G#W8n}#00 
zC4qjc>;S+p?Z?rH-wKY=vWXiD*WncY44CA}WK+w?5WUxoLo-v+AtG6HHM!+Cg52by=i~85<&Rw+ru~4 z{RZ#*@?)gO8lQa*(|cQ!(-?1^CgUI0t5BRU#TTkYV0qp*bUE1GiIE3m;cvR$-3Od! zk(HXa7d-Z5X4qa_AAvTN8b7=)*U}9o=%pYNpfdVOSowk89q;`dNqu^gh4_4cU*WzW zI<-71yCK1m@PNr~iu(X+|HerBa}S=PAX4LZID{2NG)g3^^=X9F%gF@}%|}o$D{SfJ(8wu>)HKqxf=M^-G4z~pkBs@vYG8oh=f2 zr0+j9!+-^>jZ{t(2{lJfhBj3LTKxp}R=4xFL=Y>+@h@-ho?##%A=ZVzUNK6-*OI@b z0hz)K5plxMnEtS24np5kkDvf2tQzkJW$2Y#1*$B(@RJg6kLXXRF277YZK-YR;=oNUaQ-0p9tF9Vh+Hs&Z@YPd zoH5pKK~047!dP3i)4kc{|DCf z4CeV(Z}lj{}?Z?=R>rSWZDFeDb?Rj@Dev2B}*DV@sX~ zO16Ow_<}~6!j}Ww&)D?3q#WD_Dvjf8H2caYHyJsC_bjxs74F%U%VDq`So?2fGuH^U zZLpPAvUceLB3Gk24B7;|x16nWe7Q8sLPfOt3FnKusf)>F-xT1_-$$Ll#8dZzzil*h zvIOY+?mI|Ghwp`xy67Rm z4666_c6JigMQiKBexD-RX=1V$Eo-!cNLHM?q7y_VoUFz<^iVDWx} zHDpIakWYT@*b(avP~B0`%{<{?Av5)UAVIZz?;Ccdb&&E+fFM_SXIC!mTM!O`U}GTK zu`z@Gz&dH2KK?{t7p&%i)DXqAdM43|3sDU~)|h7S8)aDC?PFiQAfEU+HD@Ulw{dTh z^{toQF}+PLo==78j;UcRHy$1H>n3dsf@e z+`GSWAvS(L3p~2?hhhk?|6M}e-ytDFQNNcic=fMHKa=ME4u$M@2zZSdZuehNeou`1 z-{XY-0_XSSx4*;rvsL@Q!1uol%Hz<@rMr)5c$1~lm0n8@>kA3PMUunv1oMg qY}tSQO#YSYk8=QGLjAp_>Rap-89)j!v{Er1bLt8T const args{ + uno::Any(url), + uno::Any(beans::NamedValue("StorageFormat", uno::Any(embed::StorageFormats::PACKAGE))) + }; + + // unclear if this should be allowed? + CPPUNIT_ASSERT_THROW(m_xContext->getServiceManager()->createInstanceWithArgumentsAndContext( + ZipPackage, args, m_xContext), + css::packages::zip::ZipIOException); + + // recovery should work + uno::Sequence const args2{ + uno::Any(url), uno::Any(beans::NamedValue(u"RepairPackage"_ustr, uno::Any(true))), + uno::Any(beans::NamedValue("StorageFormat", uno::Any(embed::StorageFormats::ZIP))) + }; + m_xContext->getServiceManager()->createInstanceWithArgumentsAndContext(ZipPackage, args2, + m_xContext); +} + //CPPUNIT_TEST_SUITE_REGISTRATION(...); //CPPUNIT_PLUGIN_IMPLEMENT(); diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index d270b8d35463..ea674f642c29 100644 --- a/package/source/zipapi/ZipFile.cxx 
+++ b/package/source/zipapi/ZipFile.cxx
@@ -1856,20 +1856,27 @@ bool ZipFile::checkSizeAndCRC( const ZipEntry& aEntry )
 {
 ::osl::MutexGuard aGuard( m_aMutexHolder->GetMutex() );
 
- sal_Int32 nCRC = 0;
- sal_Int64 nSize = 0;
-
- if( aEntry.nMethod == STORED )
- return ( getCRC( aEntry.nOffset, aEntry.nSize ) == aEntry.nCrc );
-
- if (aEntry.nCompressedSize < 0)
+ try
+ {
+ sal_Int32 nCRC = 0;
+ sal_Int64 nSize = 0;
+
+ if( aEntry.nMethod == STORED )
+ return ( getCRC( aEntry.nOffset, aEntry.nSize ) == aEntry.nCrc );
+
+ if (aEntry.nCompressedSize < 0)
+ {
+ SAL_WARN("package", "bogus compressed size of: " << aEntry.nCompressedSize);
+ return false;
+ }
+
+ getSizeAndCRC( aEntry.nOffset, aEntry.nCompressedSize, &nSize, &nCRC );
+ return ( aEntry.nSize == nSize && aEntry.nCrc == nCRC );
+ }
+ catch (uno::Exception const&)
 {
- SAL_WARN("package", "bogus compressed size of: " << aEntry.nCompressedSize);
 return false;
 }
-
- getSizeAndCRC( aEntry.nOffset, aEntry.nCompressedSize, &nSize, &nCRC );
- return ( aEntry.nSize == nSize && aEntry.nCrc == nCRC );
 }
 
 sal_Int32 ZipFile::getCRC( sal_Int64 nOffset, sal_Int64 nSize )
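Review bot: The new `catch (uno::Exception const&)` at the end of `checkSizeAndCRC` returns `false` for every UNO exception without logging anything, so a genuine read failure raised by `getCRC` or `getSizeAndCRC` (the `try` now also covers the STORED path) becomes indistinguishable from a size/CRC mismatch on what is untrusted archive input. The commit message says the intent is only to survive the zero-compressed-size case so the data descriptor can be consulted, so the handler should at least leave a trace: `catch (uno::Exception const& e) { SAL_WARN("package", "checkSizeAndCRC failed: " << e.Message); return false; }`. It may also be worth handling `aEntry.nCompressedSize == 0` explicitly next to the existing `< 0` check instead of relying on `osl_readFile` rejecting a null buffer, although whether a zero size should be rejected outright depends on callers and entry methods that are not visible in this hunk.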