Open dtheyer opened 4 weeks ago
@AlexMaynesPointon and I also looked into a fix in https://github.com/python/cpython/pull/121172
Ah, sorry! I missed that you were creating a PR too. Since you did the hard work of finding and triaging I'm happy for your PR to go ahead of mine. Are you able to copy the tests from mine into your pull request?
This issue also affected the zip64 file count limit threshold which you could fix at the same time (there's a test in my branch for that). Also, the FileHeader(zip64)
call takes a zip64
argument that indicates when the zip64 stuff needs to be written (currently just used if the compressed or uncompressed file size is larger than the individual file threshold is exceeded). I think using that existing machinery would be more straightforward than modifying the ZipInfo directly.
Let me know when you're ready and I'll do a review :)
No worries, your changes look much more complete, I am just happy to see this fixed. Sorry for not correctly tagging the pull request, it is my first time trying to submit any pull requests. Since your changes cover everything I did and more, it makes more sense to just merge your pull request.
Sorry for the confusion. Thanks for the detailed bug report!
Bug report
Bug description:
When creating a zip file which contains a file large enough to push additional files beyond the ZIP64_LIMIT, the extract version is correctly incremented to 4.5 in the Central Header, but not in the Local Header. This mismatch is usually ignored, but more picky implementations fail when validating the zip file.
When the Local Header is being generated, the extract version that is used does not account for the fact that if the header is located farther than the ZIP64_LIMIT, the ZIP64_VERSION is needed since to reference the header offset the Central Header needs to store the offset in the Extra Bits.
Repro
Create a directory with a file over the ZIP64_LIMIT and a file after it, then zip the directory:
Using zipdetails we can see the extract_version in the local header does not match the central header:
The zip -F command also warns about the mismatch:
CPython versions tested on:
3.10, CPython main branch
Operating systems tested on:
Linux, Windows
Linked PRs