diff options
| -rw-r--r-- | ext/zip/lib/zip_open.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ext/zip/lib/zip_open.c b/ext/zip/lib/zip_open.c index 2f56881b0a..a348d9800d 100644 --- a/ext/zip/lib/zip_open.c +++ b/ext/zip/lib/zip_open.c @@ -206,7 +206,9 @@ _zip_readcdir(FILE *fp, off_t buf_offset, unsigned char *buf, unsigned char *eoc cd->comment = NULL; cd->comment_len = _zip_read2(&cdp); - if (((zip_uint64_t)cd->offset)+cd->size > buf_offset + (eocd-buf)) { + /* without checking the ZIP_CHECKCONS flag we'll not able even to open inconsistent + archives at this place, which would break bc in PHP */ + if ((ZIP_CHECKCONS == (flags & ZIP_CHECKCONS)) && ((zip_uint64_t)cd->offset)+cd->size > buf_offset + (eocd-buf)) { /* cdir spans past EOCD record */ _zip_error_set(error, ZIP_ER_INCONS, 0); cd->nentry = 0; @@ -237,7 +239,13 @@ _zip_readcdir(FILE *fp, off_t buf_offset, unsigned char *buf, unsigned char *eoc } } - if (cd->offset >= buf_offset) { + /* the first if branch goes the old way of libzip 0.9 so we don't loose + the bc for reading inconsistent files */ + if ((ZIP_CHECKCONS != (flags & ZIP_CHECKCONS)) && cd->size < (unsigned int)(eocd-buf)) { + cdp = eocd - cd->size; + bufp = &cdp; + } + else if (cd->offset >= buf_offset) { /* if buffer already read in, use it */ cdp = buf + (cd->offset - buf_offset); bufp = &cdp; |