search

FraunhoferISST / TREND

Traceability Enforcement of Datatransfers (TREND)
https://fraunhoferisst.github.io/TREND/
Other
5 stars 2 forks source link

unzip shows warnings and errors on watermarked zips #23

Open hnorkowski opened 2 months ago

hnorkowski commented 2 months ago

🐞 Bug Report

Describe the Bug

When trying unzip a watermarked zip file the unzip command shows warnings and sometimes even errors:

Archive:  multiple_files_watermarked.zip
warning [multiple_files_watermarked.zip]:  32 extra bytes at beginning or within zipfile
  (attempting to process anyway)
file #1:  bad zipfile offset (local header sig):  32
  (attempting to re-compensate)
 extracting: a.txt
A

error: invalid zip file with overlapped components (possible zip bomb)
 To unzip the file anyway, rerun the command with UNZIP_DISABLE_ZIPBOMB_DETECTION=TRUE environmnent variable

unzip version:

 UnZip 6.00 of 20 April 2009, by Info-ZIP.  Maintained by C. Spieler.  Send
bug reports using http://www.info-zip.org/zip-bug.html; see README for details.

To Reproduce

Steps to reproduce the behavior:

  1. go to samples/
  2. execute unzip -c multiple_files_watermarked.zip

Expected Behavior

Files are extracted without warnings or errors

System Information

Additional Context

It might not be possible to prevent a warning. It depends on the implementation of the specific application. Details about the file format: https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT