fix: Decrypt the read bytes in ZipCrypto instead of entire buffer

Fixes `corrupt deflate stream` panic when extracting a file from encrypted archive (zip-rs/zip-old#280).
zip-rs · Apr 27, 2024 · 4078bd3 · 4078bd3
1 parent b718fdf
commit 4078bd3
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs
@@ -183,11 +183,11 @@ impl<R: std::io::Read> std::io::Read for ZipCryptoReaderValid<R> {
         // Note: There might be potential for optimization. Inspiration can be found at:
         // https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp
 
-        let result = self.reader.file.read(buf);
-        for byte in buf.iter_mut() {
+        let n = self.reader.file.read(buf)?;
+        for byte in buf.iter_mut().take(n) {
             *byte = self.reader.keys.decrypt_byte(*byte);
         }
-        result
+        Ok(n)
     }
 }
 

diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs
@@ -102,3 +102,21 @@ fn encrypted_file() {
         assert_eq!(data, "abcdefghijklmnopqrstuvwxyz123456789".as_bytes());
     }
 }
+
+#[test]
+fn buffered_read() {
+    use std::io::{BufReader, Read};
+
+    // delibirately pick a buffer capacity in a way that when `ZipCryptoReaderValid` read happens, it's not going to take entire buffer,
+    // for this file it needs to be between 13..=46 bytes (with exception of 44 bytes)
+    let zip_file_bytes = &mut Cursor::new(ZIP_CRYPTO_FILE);
+    let buffered = BufReader::with_capacity(13, zip_file_bytes);
+    let mut archive = zip::ZipArchive::new(buffered).unwrap();
+
+    let mut file = archive.by_index_decrypt(0, b"test").unwrap();
+
+    // should not panic with `Custom { kind: Other, error: "Invalid checksum" }`
+    // or `Custom { kind: InvalidInput, error: "corrupt deflate stream" }`
+    let mut data = Vec::new();
+    file.read_to_end(&mut data).unwrap();
+}