From: Tim Kientzle <kientzle@acm.org>
Date: Mon, 4 May 2026 03:42:22 +0000 (-0700)
Subject: 7zip: propagate skip_stream's actual error code in read_data_skip
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24c7124407b5e6df9bff1bf95ce30bb7e72bbc0a;p=thirdparty%2Flibarchive.git

7zip: propagate skip_stream's actual error code in read_data_skip

archive_read_format_7zip_read_data_skip used to coerce any negative
skip_stream() return into ARCHIVE_FATAL.  That is wrong in principle:
ARCHIVE_FAILED can legitimately propagate up from setup_decode_folder()
through read_stream() and skip_stream(), and the wrapper should not
upgrade it.

In the current encryption-partially test case this is empirically a
no-op because skip_stream() still returns ARCHIVE_FATAL via a second,
deeper code path through extract_pack_stream().  An inline TODO comment
flags that asymmetry for a follow-up audit.
---

diff --git a/libarchive/archive_read_support_format_7zip.c b/libarchive/archive_read_support_format_7zip.c
index ea303efb6..b922fb7fe 100644
--- a/libarchive/archive_read_support_format_7zip.c
+++ b/libarchive/archive_read_support_format_7zip.c
@@ -1189,8 +1189,19 @@ archive_read_format_7zip_read_data_skip(struct archive_read *a)
 	 * compressed data much more quickly.
 	 */
 	bytes_skipped = skip_stream(a, (size_t)zip->entry_bytes_remaining);
+	/*
+	 * TODO: when archive_read_data() fails on an encrypted entry with
+	 * ARCHIVE_FAILED, the implicit skip from the next
+	 * archive_read_next_header() lands here.  Empirically, skip_stream()
+	 * still returns ARCHIVE_FATAL via extract_pack_stream() on its second
+	 * call (after setup_decode_folder() returned ARCHIVE_FAILED on the
+	 * first), so the FAILED-from-data / FATAL-from-skip asymmetry persists.
+	 * Audit extract_pack_stream() / read_stream() to see whether the second
+	 * call should also surface ARCHIVE_FAILED so the caller can move on
+	 * to entries in subsequent folders.
+	 */
 	if (bytes_skipped < 0)
-		return (ARCHIVE_FATAL);
+		return ((int)bytes_skipped);
 	zip->entry_bytes_remaining = 0;
 
 	/* This entry is finished and done. */