Handle the invalid timestamp in zipfile

The month field is one based in the zipfile modification time. And it causes an overflow converting it to struct tm. Switch to type to signed integer to suppress the sub-overflow. Bug: 153882979 Test: parse the problematic zipfile Change-Id: Iaf47bcc7f83d61b18c9e7a98bb6ab3936c9257e3 Merged-In: Iaf47bcc7f83d61b18c9e7a98bb6ab3936c9257e3 (cherry picked from commit 426bf3a1f1)
2020-04-15 16:30:39 -07:00 · 2020-04-15 16:30:39 -07:00 · abf60c8d2e
parent 418f28dbe4
commit abf60c8d2e
2 changed files with 4 additions and 2 deletions
--- a/libziparchive/include/ziparchive/zip_archive.h
+++ b/libziparchive/include/ziparchive/zip_archive.h
@ -47,9 +47,10 @@ struct ZipEntry {
  // Modification time. The zipfile format specifies
  // that the first two little endian bytes contain the time
  // and the last two little endian bytes contain the date.
-  // See `GetModificationTime`.
+  // See `GetModificationTime`. Use signed integer to avoid the
+  // sub-overflow.
  // TODO: should be overridden by extra time field, if present.
-  uint32_t mod_time;
+  int32_t mod_time;

  // Returns `mod_time` as a broken-down struct tm.
  struct tm GetModificationTime() const;
--- a/libziparchive/zip_archive.cc
+++ b/libziparchive/zip_archive.cc
@ -1299,6 +1299,7 @@ bool ZipArchive::InitializeCentralDirectory(off64_t cd_start_offset, size_t cd_s
  return true;
 }

+// This function returns the embedded timestamp as is; and doesn't perform validations.
 tm ZipEntry::GetModificationTime() const {
  tm t = {};