]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Pull request #4513: decompress: handle ZIP central directory and invalid local file...
authorBrandon Stultz (brastult) <brastult@cisco.com>
Wed, 13 Nov 2024 09:09:46 +0000 (09:09 +0000)
committerOleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) <oshumeik@cisco.com>
Wed, 13 Nov 2024 09:09:46 +0000 (09:09 +0000)
Merge in SNORT/snort3 from ~BRASTULT/snort3:zip_central_dir to master

Squashed commit of the following:

commit 18fa67b9dee2dc3effc41138788a12824265bdaf
Author: Brandon Stultz <brastult@cisco.com>
Date:   Tue Nov 5 16:17:57 2024 -0500

    decompress: handle ZIP central directory

src/decompress/file_decomp_zip.cc
src/decompress/file_decomp_zip.h

index 5fbd6fc906b60aab9093b2ddc2ead3e4f075985b..c45b53e90e8ee4b5c633536e0caca16e204bae38 100644 (file)
@@ -160,12 +160,16 @@ fd_status_t File_Decomp_ZIP(fd_session_t* SessionPtr)
             // check if we are done with the local_header
             if ( parser->Index == parser->Length )
             {
+                // read a header, reset the index
+                parser->Index = 0;
+
                 // check if we read a local_header
                 if ( parser->local_header != ZIP_LOCAL_HEADER )
-                    return output_blocked ? File_Decomp_BlockOut : File_Decomp_Complete;
-
-                // read a local_header, reset the index
-                parser->Index = 0;
+                {
+                    parser->State = ZIP_STATE_SEARCH;
+                    parser->Length = 0;
+                    continue;
+                }
 
                 // reset ZIP fields
                 parser->local_header = 0;
index f8d043b95ee1d58af77e77bce46da778d2a385b8..9bbf1a472911b494daa233c697d61424fdd63839 100644 (file)
@@ -60,7 +60,7 @@ enum fd_ZIP_states
     ZIP_STATE_FILENAMELEN,    // filename length (2 bytes)
     ZIP_STATE_EXTRALEN,       // extra field length (2 bytes)
 
-    ZIP_STATE_FILENAME,    // filename field (filenamelen bytes)
+    ZIP_STATE_FILENAME,       // filename field (filenamelen bytes)
 
     //skipped:
     // ZIP_STATE_EXTRA,       // extra field (extralen bytes)