Make the zipfile() extension function more robust against zero-length filenames.

FossilOrigin-Name: b9c2005f0291d58d7f3bfd4a2286eb6563e9c9433519c3329035f325fc723445

diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c
index ec820038e24cca01d64cf2e660b0c99ecf48c12f..e24865020c400e1292dcd8df3648d136deb3b42e 100644 (file)
--- a/ext/misc/zipfile.c
+++ b/ext/misc/zipfile.c
@@ -2025,13 +2025,13 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){
   ** at the end of the path. Or, if this is not a directory and the path
   ** ends in '/' it is an error. */
   if( bIsDir==0 ){
-    if( zName[nName-1]=='/' ){
+    if( nName>0 && zName[nName-1]=='/' ){
       zErr = sqlite3_mprintf("non-directory name must not end with /");
       rc = SQLITE_ERROR;
       goto zipfile_step_out;
     }
   }else{
-    if( zName[nName-1]!='/' ){
+    if( nName==0 || zName[nName-1]!='/' ){
       zName = zFree = sqlite3_mprintf("%s/", zName);
       if( zName==0 ){
         rc = SQLITE_NOMEM;

diff --git a/manifest b/manifest
index 01406c6bb6e6e8a37704d5a6b55bb176eb9047c2..7980796dd8f9a77e8777c045ac37e42203923992 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sanother\scase\swhere\smalformed\sutf-8\swas\sbeing\smishandled\sin\sfts5.\sFix\sfor\s[df46a6f3].
-D 2019-12-24T16:20:05.755
+C Make\sthe\szipfile()\sextension\sfunction\smore\srobust\sagainst\szero-length\sfilenames.
+D 2019-12-24T18:53:13.812
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -324,7 +324,7 @@ F ext/misc/vfsstat.c 77b5b4235c9f7f11eddf82487c0a422944ac2f132dafd5af3be7a68a057
 F ext/misc/vtablog.c 5538acd0c8ddaae372331bee11608d76973436b77d6a91e8635cfc9432fba5ae
 F ext/misc/vtshim.c 1976e6dd68dd0d64508c91a6dfab8e75f8aaf6cd
 F ext/misc/wholenumber.c 784b12543d60702ebdd47da936e278aa03076212
-F ext/misc/zipfile.c 46b8022d5c4f118995c3e7228542215204dacc9c1c4e9872710900ec276d6db3
+F ext/misc/zipfile.c 010d67eeca123e3a89ab4144221bc4da66455fc964053602af5bb63584110bc7
 F ext/misc/zorder.c b0ff58fa643afa1d846786d51ea8d5c4b6b35aa0254ab5a82617db92f3adda64
 F ext/rbu/rbu.c 8681f6157db6adc82c34af24b14ea8a3be0146ad2a3b6c1d5da6cb8a5796c8ce
 F ext/rbu/rbu1.test 221d9c18a5e600ac9ac6b1810d99d9f99163a7909ba61597876ab6e4d4beb3d6
@@ -1852,7 +1852,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 4630c1ec013a4c2e54a34c9a64b2c803ac3912450de660497eb34ee21c91f426
-R 1a8908752b44d0f45dd43aab7ad0fcac
-U dan
-Z 13978aa5759e244af756578de8231027
+P 1c0a05b09a97e6e2e9b11c31ed6ec7e6484686614b587ebfd0cfe27d973ba461
+R 933ae05740077a8424843ac050f8609d
+U drh
+Z 953d680bd67e02f4ea8af1d20d201007

diff --git a/manifest.uuid b/manifest.uuid
index caf9d30c2d945723471a68f3999fa7caa964386e..789a9a1b82988b43509b308a96184381efcf359e 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-1c0a05b09a97e6e2e9b11c31ed6ec7e6484686614b587ebfd0cfe27d973ba461
\ No newline at end of file
+b9c2005f0291d58d7f3bfd4a2286eb6563e9c9433519c3329035f325fc723445
\ No newline at end of file