-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add std.zip and support zip files in build.zig.zon #19729
Conversation
2709542
to
52252a3
Compare
Here's a test suite you can use: https://github.com/thejoshwolfe/yauzl/tree/master/test |
The way I do this in yauzl is i manually test with very large zip files (created in a bash
A couple of suggestions from people opening security issues against yauzl:
Optional enhancements that I've found people actually benefit from:
Isn't the
In 10 years, nobody has opened an issue against yauzl and convinced me that there was a compelling use case for supporting anything other than |
There is a medium amount of special case logic in the test harness that makes the |
We actually use the tmp directory save the zip contents to a file before extracting it, then I extract everything to a subdirectory to avoid any potential name conflicts with the zip file itself...then we can remove that zip file and collapse that temporary subdiectory (also avoiding name conflicts with the subdirectory while doing this). If anyone has a better way to do this please let me know! :)
Then afterwards we do something like |
1cd6f42
to
7f40093
Compare
It seemed to be working but I found a deflate64 example that doesn't work...looks like this would require some extra work in our std module deflate implementation to actually work in general. I've updated the implementation to fail on seeing this format for now. We could make an attempt to process it as non 64 deflate, but seems better to just say we don't support it until we actually do. |
This is N+1 rename syscalls where N is the number of files in the root directory of the zip file, and fails if the zip file has a file named Instead, I suggest to download the zip file to As a bonus you could extract the |
ab0ad5f
to
3d3ea7e
Compare
First (very preliminary, just a few minutes of fuzzing) round of fuzzing crashes: zip-fuzzing-crashes-20240422.zip From a quick look, it found an integer overflow, and then also const std = @import("std");
test "zip fuzzing repro" {
const testfile = "id:000000,sig:06,src:000033,time:147,execs:1011,op:havoc,rep:11";
var tmp = std.testing.tmpDir(.{});
defer tmp.cleanup();
var file = try std.fs.cwd().openFile(testfile, .{});
defer file.close();
std.zip.extract(tmp.dir, file, .{}) catch {};
} The fuzzer implementation is in a branch here: https://github.com/squeek502/zig-std-lib-fuzzing/tree/zip Side note: one thing that would be nice from a fuzzing perspective would be the option to do everything in-memory instead of hitting the filesystem, but not sure how feasible that is (see the tar fuzzer for how the filesystem was able to be avoided with |
I just pushed an updated commit with this ability leveraging P.S. oh actually, you can now write/read the zip file in memory, however, the |
Looking good! Ran the updated fuzzer for 12 hours and found no crashes. Note: the fuzzer just checks for illegal behavior, not correctness. Some possible ideas for testing correctness:
|
Are you fuzzing on windows or linux? On linux you can get around this by making a tempfs mount that your fuzzer runs on so you never actually hits the harddrive/ssd. |
7d359b6
to
c9d8073
Compare
1aa7dca
to
46c095d
Compare
2b1ccc1
to
08b8065
Compare
fixes ziglang#17408 Helpful reviewers/testers include Joshe Wolfe, Auguste Rame, Andrew Kelley and Jacob Young. Co-authored-by: Joel Gustafson <joelg@mit.edu>
fixes #17408
Comments Addressed
yauzl
test directory (except ones with encryption)Improvements: