Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove local header compressed/uncomressed size validation vs central directory records #32149

Merged
merged 16 commits into from
Feb 21, 2020
Merged

Remove local header compressed/uncomressed size validation vs central directory records #32149

merged 16 commits into from
Feb 21, 2020

Conversation

buyaa-n
Copy link
Contributor

@buyaa-n buyaa-n commented Feb 12, 2020
edited
Loading

Fixes #1094
In 3.0 we have added local header validation against central directory data due to #27741 which was breaking change as zip archives with invalid or non standard header is now fail to extract.

While investigating #1094 @eerhardt found a bug in Data Descriptor section read, meanwhile other people commented on the bug about more issues they are having with the change. There is 3 main issues reported:

  • Bug caused from reading the value using ReadIn32t instead of ReadUInt32

  • DD value for ZIP64 format written in the way we didn't expect (apparently some zip tools produces it differently)

  • DD bit is set but the DD section is missing. Compressed/Uncompressed size values set in the original position in the stream.

After investigating the issue with the team we decided to use more forgiving logic for validation same as in WPF so that allow acceptable zips pass the validation. This change will fix first 2 scenarios above. The 3rd scenario is an invalid zip for which the validation would fail. In case customers still want to extract such zip they could use AppContext switch we added with this PR which disables the the validation

@buyaa-n buyaa-n added this to the 5.0 milestone Feb 12, 2020
eerhardt
eerhardt approved these changes Feb 12, 2020
View reviewed changes
Copy link
Member

@eerhardt eerhardt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. Nice work here, @buyaa-n.

src/libraries/System.IO.Compression/src/System/IO/Compression/ZipHelper.cs Outdated Show resolved Hide resolved
@buyaa-n
Copy link
Contributor Author

buyaa-n commented Feb 13, 2020

Looks good to me. Nice work here, @buyaa-n.

Thank you for digging into it and suggesting with the fix @eerhardt

@buyaa-n
Copy link
Contributor Author

buyaa-n commented Feb 13, 2020
edited
Loading

We are having test failures for Mac mono and Linux mono test run. From my search result https://github.com/mono/mono/pull/7233/files#diff-d4a99dd2b7df29f027dae0b3eec6c8e6R31 seems in mono tests using RemoteExecutor need to be defined in the make file or wherever it is set now. I was not able to find the make file above from runtime repo so looking for mono devs help on it CC @akoeplinger @directhex

Other test failures are unrelated

@akoeplinger
Copy link
Member

seems in mono tests using RemoteExecutor need to be defined in the make file

That's no longer the case with the mono used in dotnet/runtime.

From the test result I can see that the RemoteExecutor worked fine but hit an exception in the test:

Child exception:
  System.IO.InvalidDataException: A local file header is corrupt.
   at System.IO.Compression.ZipArchiveEntry.ThrowIfNotOpenable(Boolean needToUncompress, Boolean needToLoadIntoMemory) in /_/src/libraries/System.IO.Compression/src/System/IO/Compression/ZipArchiveEntry.cs:line 595
   at System.IO.Compression.ZipArchiveEntry.OpenInReadMode(Boolean checkOpenable) in /_/src/libraries/System.IO.Compression/src/System/IO/Compression/ZipArchiveEntry.cs:line 667
   at System.IO.Compression.ZipArchiveEntry.Open() in /_/src/libraries/System.IO.Compression/src/System/IO/Compression/ZipArchiveEntry.cs:line 294
   at System.IO.Compression.Tests.zip_InvalidParametersAndStrangeFiles.<>c.<ZipArchiveEntry_AppContext_Switch_SuppresHeaderValidation>b__6_0(String suppressString) in /_/src/libraries/System.IO.Compression/tests/ZipArchive/zip_InvalidParametersAndStrangeFiles.cs:line 151
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) in /_/src/mono/netcore/System.Private.CoreLib/src/System/Reflection/RuntimeMethodInfo.cs:line 339

Child process:
  System.IO.Compression.Tests, Version=5.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51 System.IO.Compression.Tests.zip_InvalidParametersAndStrangeFiles+<>c Void <ZipArchiveEntry_AppContext_Switch_SuppresHeaderValidation>b__6_0(System.String)

Child arguments:
  True

This only seems to happen for the suppressValidation: true case so it's probably something to do with the AppContext switch setting not working on Mono.

I'd suggest filing a bug and disabling that test with [ActiveIssue("https://github.com/dotnet/runtime/issues/XXXX", TestRuntimes.Mono)].

@buyaa-n
Copy link
Contributor Author

buyaa-n commented Feb 14, 2020

This only seems to happen for the suppressValidation: true case so it's probably something to do with the AppContext switch setting not working on Mono.

There is a static variable caching AppContext switch result, with the help of RemoteExecutor the test is running in isolated process not being affected by other tests, so it could be RemoteExecutor issue too, anyways I will file an issue and disable the test for mono, thank you!

@buyaa-n buyaa-n mentioned this pull request Feb 14, 2020
Closed
@buyaa-n buyaa-n requested a review from jkotas February 14, 2020 21:57
@danmoseley
Copy link
Member

Please help add (exactly one) area-XXX label when the bot does not add one - that will help train it.

@MyBisnisMedia MyBisnisMedia mentioned this pull request Feb 20, 2020
Closed
@buyaa-n buyaa-n changed the title Read Zip data descriptor same as in WPF Remove local header compressed/uncomressed size validation vs central directory records Feb 20, 2020
@buyaa-n buyaa-n merged commit 0fdd938 into dotnet:master Feb 21, 2020
@jaredpar jaredpar mentioned this pull request Feb 21, 2020
Closed
@buyaa-n buyaa-n mentioned this pull request Feb 21, 2020
Merged
@buyaa-n buyaa-n deleted the zip_validation_update branch June 3, 2020 00:32
@ghost ghost locked as resolved and limited conversation to collaborators Dec 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Wraith2 Wraith2 Wraith2 left review comments

@GSPP GSPP GSPP left review comments

@ericstj ericstj ericstj left review comments

@eerhardt eerhardt eerhardt approved these changes

@danmoseley danmoseley danmoseley left review comments

@carlossanlop carlossanlop carlossanlop left review comments

@jkotas jkotas jkotas approved these changes

Assignees
No one assigned
Labels
area-System.IO.Compression
Projects
None yet
Milestone
5.0.0
Development

Successfully merging this pull request may close these issues.

"A local file header is corrupt" error after upgrading to 3.0/3.1
9 participants
@buyaa-n @akoeplinger @danmoseley @carlossanlop @jkotas @eerhardt @ericstj @GSPP @Wraith2