Deflate64Decoder freezes when reading with empty buffer #29

Closed
Pr0methean opened this issue Jul 15, 2024 · 3 comments · Fixed by #30

Pr0methean commented Jul 15, 2024

Got this report at zip-rs/zip2#215:

When testing zip file - raw.zip
with code (I copied this from fuzz directory)

```rust
use std::fs::File;
use std::io::Read;

// Opens the archive and issues one read per entry.
fn check_file(file_path: &str) {
    match File::open(&file_path) {
        Ok(file) => {
            let mut zip = match zip::ZipArchive::new(file) {
                Ok(t) => t,
                Err(e) => {
                    println!("{e}");
                    return;
                }
            };

            for i in 0..zip.len() {
                match zip.by_index(i) {
                    Ok(mut file) => {
                        // `buf` is an empty Vec, so `read` receives a zero-length slice.
                        let mut buf = Vec::new();
                        let _ = file.read(&mut buf);
                    }
                    Err(e) => {
                        println!("{e}");
                    }
                }
            }
        }
        Err(_inspected) => (),
    }
}
```

it freezes here

```
0x00005555556b8214 in deflate64::inflater_managed::InflaterManaged::inflate (
    self=<optimized out>, input=..., output=...) at src/inflater_managed.rs:140
140	    pub fn inflate(&mut self, input: &[u8], mut output: &mut [u8]) -> InflateResult {
(gdb) backtrace
#0  0x00005555556b8214 in deflate64::inflater_managed::InflaterManaged::inflate
    (self=<optimized out>, input=..., output=...)
    at src/inflater_managed.rs:140
#1  0x000055555565f63c in deflate64::stream::{impl#3}::read<std::io::buffered::bufreader::BufReader<zip::read::CryptoReader>> (self=0x7ffff62092d8, buf=...)
    at /home/rafal/.cargo/registry/src/index.crates.io-6f17d22bba15001f/deflate64-0.1.8/src/stream.rs:52
#2  0x000055555565a3f8 in zip::crc32::{impl#1}::read<deflate64::stream::Deflate64Decoder<std::io::buffered::bufreader::BufReader<zip::read::CryptoReader>>> (
    self=0x7ffff62092d8, buf=...) at src/crc32.rs:43
#3  0x000055555564eabc in zip::read::{impl#2}::read (self=<optimized out>, 
    buf=...) at src/read.rs:176
#4  0x00005555556525d5 in zip::read::{impl#7}::read (self=0x7ffff6209110, 
    buf=...) at src/read.rs:1484
#5  0x0000555555645e0f in ziprs::check_file (file_path=...) at src/main.rs:40
#6  0x0000555555645141 in ziprs::main () at src/main.rs:22
```

@anatawa12 (Owner)

Thank you for the report.

It looks like I forgot to consider an empty read output buffer in the Read trait implementation.

@anatawa12 (Owner)

This isn't related to a broken file; this always happens with an empty output buffer, even with valid deflate64 data.

anatawa12 changed the title from "inflate() freezes when reading broken file" to "inflate() freezes when reading with empty buffer" on Jul 16, 2024

anatawa12 changed the title from "inflate() freezes when reading with empty buffer" to "Deflate64Decoder freezes when reading with empty buffer" on Jul 16, 2024

@anatawa12 (Owner)

I have released a version that fixes this problem as 0.1.9.
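
A simplified model of the failure mode discussed in this thread, added here as an illustration; it is not code from deflate64 or from the fix in #30. `ToyDecoder`, `step`, `SPIN_LIMIT` and the early-return guard are assumptions: the model contrasts a `Read` loop that exits only on output or end of input with one that returns `Ok(0)` for a zero-length buffer.

```rust
use std::io::{self, Read};

/// Toy stand-in for one inflate step: copies what fits, returns (consumed, written).
fn step(input: &[u8], output: &mut [u8]) -> (usize, usize) {
    let n = input.len().min(output.len());
    output[..n].copy_from_slice(&input[..n]);
    (n, n)
}

const SPIN_LIMIT: u32 = 1_000; // demo-only cap so the unguarded loop returns
/// Hypothetical decoder wrapper; a simplified model, not deflate64's code.
pub struct ToyDecoder<'a> {
    pub data: &'a [u8],
    pub guard_empty: bool, // true selects the hardened variant
    pub spins: u32,        // iterations that made no progress
}

impl<'a> Read for ToyDecoder<'a> {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        // Hardened: a zero-length destination can never receive output.
        if self.guard_empty && buf.is_empty() {
            return Ok(0);
        }
        loop {
            let (consumed, written) = step(self.data, buf);
            self.data = &self.data[consumed..];
            // Exit only on output or end of input. With an empty `buf` and
            // pending input, neither condition is ever met.
            if written > 0 || self.data.is_empty() {
                return Ok(written);
            }
            self.spins += 1;
            if self.spins >= SPIN_LIMIT {
                return Err(io::Error::new(io::ErrorKind::Other, "no progress"));
            }
        }
    }
}

/// Repeats the report's call shape (empty Vec as buffer) against the toy.
pub fn read_with_empty_buf(guard_empty: bool) -> (io::Result<usize>, u32) {
    let mut dec = ToyDecoder { data: b"constructed sample", guard_empty, spins: 0 };
    let mut buf: Vec<u8> = Vec::new(); // zero-length, as in the report
    (dec.read(&mut buf), dec.spins)
}

fn main() {
    println!("unguarded: {:?}", read_with_empty_buf(false));
    println!("guarded:   {:?}", read_with_empty_buf(true));
}
```

Without `SPIN_LIMIT` the unguarded variant would never return, which matches the freeze in the backtrace above; a regression test that calls `read` with an empty slice under a timeout catches this class of bug.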
