From 1ae0764e01ac0ad15cc16395fc36809343755823 Mon Sep 17 00:00:00 2001 From: Dan Albert Date: Thu, 9 Apr 2015 14:11:18 -0700 Subject: [PATCH] Prevent unaligned read in libziparchive. Change-Id: I4afc3729a1b2c06a6621cb8c9742fc94b5a665f5 --- libziparchive/Android.mk | 10 +++++----- libziparchive/zip_archive.cc | 33 ++++++++++++++++----------------- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/libziparchive/Android.mk b/libziparchive/Android.mk index 0d31001aa..a3087eed7 100644 --- a/libziparchive/Android.mk +++ b/libziparchive/Android.mk @@ -21,7 +21,7 @@ include $(CLEAR_VARS) LOCAL_CPP_EXTENSION := .cc LOCAL_SRC_FILES := ${source_files} LOCAL_STATIC_LIBRARIES := libz -LOCAL_SHARED_LIBRARIES := libutils +LOCAL_SHARED_LIBRARIES := libutils libbase LOCAL_MODULE:= libziparchive LOCAL_CFLAGS := -Werror -Wall LOCAL_CPPFLAGS := -Wold-style-cast @@ -30,7 +30,7 @@ include $(BUILD_STATIC_LIBRARY) include $(CLEAR_VARS) LOCAL_CPP_EXTENSION := .cc LOCAL_SRC_FILES := ${source_files} -LOCAL_STATIC_LIBRARIES := libz libutils +LOCAL_STATIC_LIBRARIES := libz libutils libbase LOCAL_MODULE:= libziparchive-host LOCAL_CFLAGS := -Werror ifneq ($(strip $(USE_MINGW)),) @@ -43,7 +43,7 @@ include $(CLEAR_VARS) LOCAL_CPP_EXTENSION := .cc LOCAL_SRC_FILES := ${source_files} LOCAL_STATIC_LIBRARIES := libz libutils -LOCAL_SHARED_LIBRARIES := liblog +LOCAL_SHARED_LIBRARIES := liblog libbase LOCAL_MODULE:= libziparchive-host LOCAL_CFLAGS := -Werror LOCAL_MULTILIB := both @@ -55,7 +55,7 @@ LOCAL_MODULE := ziparchive-tests LOCAL_CPP_EXTENSION := .cc LOCAL_CFLAGS := -Werror LOCAL_SRC_FILES := zip_archive_test.cc entry_name_utils_test.cc -LOCAL_SHARED_LIBRARIES := liblog +LOCAL_SHARED_LIBRARIES := liblog libbase LOCAL_STATIC_LIBRARIES := libziparchive libz libutils include $(BUILD_NATIVE_TEST) @@ -66,7 +66,7 @@ LOCAL_CFLAGS += \ -Werror \ -Wno-unnamed-type-template-args LOCAL_SRC_FILES := zip_archive_test.cc entry_name_utils_test.cc -LOCAL_SHARED_LIBRARIES := libziparchive-host liblog +LOCAL_SHARED_LIBRARIES := libziparchive-host liblog libbase LOCAL_STATIC_LIBRARIES := \ libz \ libutils diff --git a/libziparchive/zip_archive.cc b/libziparchive/zip_archive.cc index 58285f130..57c46a3c3 100644 --- a/libziparchive/zip_archive.cc +++ b/libziparchive/zip_archive.cc @@ -18,27 +18,29 @@ * Read-only access to Zip archives, with minimal heap allocation. */ -#include -#include - #include #include #include #include #include -#include #include #include #include -#include -#include -#include -#include // TEMP_FAILURE_RETRY may or may not be in unistd +#include +#include + +#include "base/macros.h" // TEMP_FAILURE_RETRY may or may not be in unistd +#include "base/memory.h" +#include "log/log.h" +#include "utils/Compat.h" +#include "utils/FileMap.h" +#include "zlib.h" #include "entry_name_utils-inl.h" #include "ziparchive/zip_archive.h" +using android::base::get_unaligned; // This is for windows. If we don't open a file in binary mode, weird // things will happen. @@ -46,11 +48,6 @@ #define O_BINARY 0 #endif -#define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName) \ - TypeName(); \ - TypeName(const TypeName&); \ - void operator=(const TypeName&) - // The "end of central directory" (EOCD) record. Each archive // contains exactly once such record which appears at the end of // the archive. It contains archive wide information like the @@ -462,10 +459,12 @@ static int32_t MapCentralDirectory0(int fd, const char* debug_file_name, */ int i = read_amount - sizeof(EocdRecord); for (; i >= 0; i--) { - if (scan_buffer[i] == 0x50 && - ((*reinterpret_cast(&scan_buffer[i])) == EocdRecord::kSignature)) { - ALOGV("+++ Found EOCD at buf+%d", i); - break; + if (scan_buffer[i] == 0x50) { + uint32_t* sig_addr = reinterpret_cast(&scan_buffer[i]); + if (get_unaligned(sig_addr) == EocdRecord::kSignature) { + ALOGV("+++ Found EOCD at buf+%d", i); + break; + } } } if (i < 0) {