From 426bf3a1f19255b9b8afd18c2d867b9644bdd12e Mon Sep 17 00:00:00 2001 From: Tianjie Date: Wed, 15 Apr 2020 16:30:39 -0700 Subject: [PATCH] Handle the invalid timestamp in zipfile The month field is one based in the zipfile modification time. And it causes an overflow converting it to struct tm. Switch to type to signed integer to suppress the sub-overflow. Bug: 153882979 Test: parse the problematic zipfile Change-Id: Iaf47bcc7f83d61b18c9e7a98bb6ab3936c9257e3 --- libziparchive/include/ziparchive/zip_archive.h | 5 +++-- libziparchive/zip_archive.cc | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/libziparchive/include/ziparchive/zip_archive.h b/libziparchive/include/ziparchive/zip_archive.h index 3d51de9c0..005d6977d 100644 --- a/libziparchive/include/ziparchive/zip_archive.h +++ b/libziparchive/include/ziparchive/zip_archive.h @@ -48,9 +48,10 @@ struct ZipEntryCommon { // Modification time. The zipfile format specifies // that the first two little endian bytes contain the time // and the last two little endian bytes contain the date. - // See `GetModificationTime`. + // See `GetModificationTime`. Use signed integer to avoid the + // sub-overflow. // TODO: should be overridden by extra time field, if present. - uint32_t mod_time; + int32_t mod_time; // Returns `mod_time` as a broken-down struct tm. struct tm GetModificationTime() const; diff --git a/libziparchive/zip_archive.cc b/libziparchive/zip_archive.cc index 7bf2120e2..014f88131 100644 --- a/libziparchive/zip_archive.cc +++ b/libziparchive/zip_archive.cc @@ -1570,6 +1570,7 @@ bool ZipArchive::InitializeCentralDirectory(off64_t cd_start_offset, size_t cd_s return true; } +// This function returns the embedded timestamp as is; and doesn't perform validations. tm ZipEntryCommon::GetModificationTime() const { tm t = {};