RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 09:38:11 +00:00
Code Issues Activity Actions

unzip: Verify extracted files against CRC32 checksums

Browse source 
This removes one TODO.
This commit is contained in:
implicitfield 2022-12-18 12:48:20 +02:00 committed by Andreas Kling
parent 2da1c1c10e
commit a520894522
2 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Userland/Utilities/CMakeLists.txt
View file

@ -121,7 +121,7 @@ target_link_libraries(test-fuzz PRIVATE LibGemini LibGfx LibHTTP LibIPC LibJS Li
target_link_libraries(test-imap PRIVATE LibIMAP) target_link_libraries(test-imap PRIVATE LibIMAP)
target_link_libraries(test-pthread PRIVATE LibThreading) target_link_libraries(test-pthread PRIVATE LibThreading)
target_link_libraries(unveil PRIVATE LibMain) target_link_libraries(unveil PRIVATE LibMain)
target_link_libraries(unzip PRIVATE LibArchive LibCompress) target_link_libraries(unzip PRIVATE LibArchive LibCompress LibCrypto)
target_link_libraries(update-cpp-test-results PRIVATE LibCpp) target_link_libraries(update-cpp-test-results PRIVATE LibCpp)
target_link_libraries(useradd PRIVATE LibCrypt) target_link_libraries(useradd PRIVATE LibCrypt)
target_link_libraries(wallpaper PRIVATE LibGfx LibGUI) target_link_libraries(wallpaper PRIVATE LibGfx LibGUI)

11
Userland/Utilities/unzip.cpp
View file

@ -14,6 +14,7 @@
#include <LibCore/File.h> #include <LibCore/File.h>
#include <LibCore/MappedFile.h> #include <LibCore/MappedFile.h>
#include <LibCore/System.h> #include <LibCore/System.h>
#include <LibCrypto/Checksum/CRC32.h>
#include <sys/stat.h> #include <sys/stat.h>
static bool unpack_zip_member(Archive::ZipMember zip_member, bool quiet) static bool unpack_zip_member(Archive::ZipMember zip_member, bool quiet)
@ -37,13 +38,14 @@ static bool unpack_zip_member(Archive::ZipMember zip_member, bool quiet)
if (!quiet) if (!quiet)
outln(" extracting: {}", zip_member.name); outln(" extracting: {}", zip_member.name);
// TODO: verify CRC32s match! Crypto::Checksum::CRC32 checksum;
switch (zip_member.compression_method) { switch (zip_member.compression_method) {
case Archive::ZipCompressionMethod::Store: { case Archive::ZipCompressionMethod::Store: {
if (!new_file->write(zip_member.compressed_data.data(), zip_member.compressed_data.size())) { if (!new_file->write(zip_member.compressed_data.data(), zip_member.compressed_data.size())) {
warnln("Can't write file contents in {}: {}", zip_member.name, new_file->error_string()); warnln("Can't write file contents in {}: {}", zip_member.name, new_file->error_string());
return false; return false;
} }
checksum.update({ zip_member.compressed_data.data(), zip_member.compressed_data.size() });
break; break;
} }
case Archive::ZipCompressionMethod::Deflate: { case Archive::ZipCompressionMethod::Deflate: {
@ -60,6 +62,7 @@ static bool unpack_zip_member(Archive::ZipMember zip_member, bool quiet)
warnln("Can't write file contents in {}: {}", zip_member.name, new_file->error_string()); warnln("Can't write file contents in {}: {}", zip_member.name, new_file->error_string());
return false; return false;
} }
checksum.update({ decompressed_data.value().data(), decompressed_data.value().size() });
break; break;
} }
default: default:
@ -71,6 +74,12 @@ static bool unpack_zip_member(Archive::ZipMember zip_member, bool quiet)
return false; return false;
} }
if (checksum.digest() != zip_member.crc32) {
warnln("Failed decompressing file {}: CRC32 mismatch", zip_member.name);
MUST(new_file->remove(zip_member.name, Core::File::RecursionMode::Disallowed, true));
return false;
}
return true; return true;
} }