From: Brandon Stultz (brastult) Date: Wed, 13 Nov 2024 09:09:46 +0000 (+0000) Subject: Pull request #4513: decompress: handle ZIP central directory and invalid local file... X-Git-Tag: 3.5.2.0~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=571ddda469c1749ca0e846c9f77cb15bb635c70e;p=thirdparty%2Fsnort3.git Pull request #4513: decompress: handle ZIP central directory and invalid local file headers Merge in SNORT/snort3 from ~BRASTULT/snort3:zip_central_dir to master Squashed commit of the following: commit 18fa67b9dee2dc3effc41138788a12824265bdaf Author: Brandon Stultz Date: Tue Nov 5 16:17:57 2024 -0500 decompress: handle ZIP central directory --- diff --git a/src/decompress/file_decomp_zip.cc b/src/decompress/file_decomp_zip.cc index 5fbd6fc90..c45b53e90 100644 --- a/src/decompress/file_decomp_zip.cc +++ b/src/decompress/file_decomp_zip.cc @@ -160,12 +160,16 @@ fd_status_t File_Decomp_ZIP(fd_session_t* SessionPtr) // check if we are done with the local_header if ( parser->Index == parser->Length ) { + // read a header, reset the index + parser->Index = 0; + // check if we read a local_header if ( parser->local_header != ZIP_LOCAL_HEADER ) - return output_blocked ? File_Decomp_BlockOut : File_Decomp_Complete; - - // read a local_header, reset the index - parser->Index = 0; + { + parser->State = ZIP_STATE_SEARCH; + parser->Length = 0; + continue; + } // reset ZIP fields parser->local_header = 0; diff --git a/src/decompress/file_decomp_zip.h b/src/decompress/file_decomp_zip.h index f8d043b95..9bbf1a472 100644 --- a/src/decompress/file_decomp_zip.h +++ b/src/decompress/file_decomp_zip.h @@ -60,7 +60,7 @@ enum fd_ZIP_states ZIP_STATE_FILENAMELEN, // filename length (2 bytes) ZIP_STATE_EXTRALEN, // extra field length (2 bytes) - ZIP_STATE_FILENAME, // filename field (filenamelen bytes) + ZIP_STATE_FILENAME, // filename field (filenamelen bytes) //skipped: // ZIP_STATE_EXTRA, // extra field (extralen bytes)