diff options
author | Michael BrĂ¼ning <michael.bruning@qt.io> | 2022-11-16 17:43:37 +0100 |
---|---|---|
committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2022-11-22 11:46:39 +0000 |
commit | 20f20a41961ae1f63cf04a02f743cd2d9892a3b0 (patch) | |
tree | 9e7a36085a9e7ece26c693c428a87635be8055bc | |
parent | e843cea172f2a2fee058d4ad7c4dc9a6fdb01b0d (diff) | |
download | qtwebengine-chromium-20f20a41961ae1f63cf04a02f743cd2d9892a3b0.tar.gz |
Fixup the patch for CVE-2022-3200 on 87-based / 5.15
There were a couple of problems when updating the Google specific
parts of the zlib, like some features that were not available yet
in C++-14 and needed explicit initializations and casts.
Also, there were some changes in the string handling in Chromium's base
classes in newer version, which needed some adaptations.
Change-Id: I91dc65eee33d7b8dac7c6fa6a4995127d709bb27
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/443767
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-rw-r--r-- | chromium/third_party/zlib/google/zip.cc | 6 | ||||
-rw-r--r-- | chromium/third_party/zlib/google/zip_reader.cc | 70 | ||||
-rw-r--r-- | chromium/third_party/zlib/google/zip_reader.h | 2 |
3 files changed, 43 insertions, 35 deletions
diff --git a/chromium/third_party/zlib/google/zip.cc b/chromium/third_party/zlib/google/zip.cc index d5a14f6e1a6..14e33cf39e9 100644 --- a/chromium/third_party/zlib/google/zip.cc +++ b/chromium/third_party/zlib/google/zip.cc @@ -62,11 +62,11 @@ class DirectFileAccessor : public FileAccessor { files->emplace_back(); LOG(ERROR) << "Cannot open " << Redact(path) << ": It is a directory"; } else { - const base::File& file = files->emplace_back( + files->emplace_back( absolute_path, base::File::FLAG_OPEN | base::File::FLAG_READ); - LOG_IF(ERROR, !file.IsValid()) + LOG_IF(ERROR, !files->back().IsValid()) << "Cannot open " << Redact(path) << ": " - << base::File::ErrorToString(file.error_details()); + << base::File::ErrorToString(files->back().error_details()); } } diff --git a/chromium/third_party/zlib/google/zip_reader.cc b/chromium/third_party/zlib/google/zip_reader.cc index 2aa736a28df..ff92c708755 100644 --- a/chromium/third_party/zlib/google/zip_reader.cc +++ b/chromium/third_party/zlib/google/zip_reader.cc @@ -166,7 +166,8 @@ bool ZipReader::OpenFromString(const std::string& data) { void ZipReader::Close() { if (zip_file_) { - if (const UnzipError err{unzClose(zip_file_)}; err != UNZ_OK) { + const UnzipError err = static_cast<UnzipError>(unzClose(zip_file_)); + if (err != UNZ_OK) { LOG(ERROR) << "Error while closing ZIP archive: " << err; } } @@ -183,7 +184,8 @@ const ZipReader::Entry* ZipReader::Next() { // Move to the next entry if we're not trying to open the first entry. if (next_index_ > 0) { - if (const UnzipError err{unzGoToNextFile(zip_file_)}; err != UNZ_OK) { + const UnzipError err = static_cast<UnzipError>(unzGoToNextFile(zip_file_)); + if (err != UNZ_OK) { reached_end_ = true; if (err != UNZ_END_OF_LIST_OF_FILE) { LOG(ERROR) << "Cannot go to next entry in ZIP: " << err; @@ -210,10 +212,10 @@ bool ZipReader::OpenEntry() { // Get entry info. unz_file_info64 info = {}; char path_in_zip[internal::kZipMaxPath] = {}; - if (const UnzipError err{unzGetCurrentFileInfo64( + const UnzipError err = static_cast<UnzipError>(unzGetCurrentFileInfo64( zip_file_, &info, path_in_zip, sizeof(path_in_zip) - 1, nullptr, 0, - nullptr, 0)}; - err != UNZ_OK) { + nullptr, 0)); + if (err != UNZ_OK) { LOG(ERROR) << "Cannot get entry from ZIP: " << err; return false; } @@ -221,7 +223,7 @@ bool ZipReader::OpenEntry() { entry_.path_in_original_encoding = path_in_zip; // Convert path from original encoding to Unicode. - std::u16string path_in_utf16; + base::string16 path_in_utf16; const char* const encoding = encoding_.empty() ? "UTF-8" : encoding_.c_str(); if (!base::CodepageToUTF16(entry_.path_in_original_encoding, encoding, base::OnStringConversionError::SUBSTITUTE, @@ -265,11 +267,11 @@ void ZipReader::Normalize(base::StringPiece16 in) { entry_.is_unsafe = true; // Directory entries in ZIP have a path ending with "/". - entry_.is_directory = base::EndsWith(in, u"/"); + entry_.is_directory = base::EndsWith(in,base::ASCIIToUTF16("/")); - std::u16string normalized_path; - if (base::StartsWith(in, u"/")) { - normalized_path = u"ROOT"; + base::string16 normalized_path; + if (base::StartsWith(in, base::ASCIIToUTF16("/"))) { + normalized_path = base::ASCIIToUTF16("ROOT"); entry_.is_unsafe = false; } @@ -289,16 +291,16 @@ void ZipReader::Normalize(base::StringPiece16 in) { in.remove_prefix(part.size()); if (!normalized_path.empty()) - normalized_path += u'/'; + normalized_path += base::ASCIIToUTF16("/"); - if (part == u".") { - normalized_path += u"DOT"; + if (part == base::ASCIIToUTF16(".")) { + normalized_path += base::ASCIIToUTF16("DOT"); entry_.is_unsafe = true; continue; } - if (part == u"..") { - normalized_path += u"UP"; + if (part == base::ASCIIToUTF16("..")) { + normalized_path += base::ASCIIToUTF16("UP"); entry_.is_unsafe = true; continue; } @@ -353,11 +355,13 @@ bool ZipReader::ExtractCurrentEntry(WriterDelegate* delegate, // is needed, and must be nullptr. const char* const password = entry_.is_encrypted ? password_.c_str() : nullptr; - if (const UnzipError err{unzOpenCurrentFilePassword(zip_file_, password)}; - err != UNZ_OK) { - LOG(ERROR) << "Cannot open file " << Redact(entry_.path) - << " from ZIP: " << err; - return false; + { + const UnzipError err = static_cast<UnzipError>(unzOpenCurrentFilePassword(zip_file_, password)); + if (err != UNZ_OK) { + LOG(ERROR) << "Cannot open file " << Redact(entry_.path) + << " from ZIP: " << err; + return false; + } } DCHECK(delegate); @@ -407,10 +411,13 @@ bool ZipReader::ExtractCurrentEntry(WriterDelegate* delegate, remaining_capacity -= num_bytes_to_write; } - if (const UnzipError err{unzCloseCurrentFile(zip_file_)}; err != UNZ_OK) { - LOG(ERROR) << "Cannot extract file " << Redact(entry_.path) - << " from ZIP: " << err; - entire_file_extracted = false; + { + const UnzipError err = static_cast<UnzipError>(unzCloseCurrentFile(zip_file_)); + if (err != UNZ_OK) { + LOG(ERROR) << "Cannot extract file " << Redact(entry_.path) + << " from ZIP: " << err; + entire_file_extracted = false; + } } if (entire_file_extracted) { @@ -469,8 +476,8 @@ void ZipReader::ExtractCurrentEntryToFilePathAsync( // is needed, and must be nullptr. const char* const password = entry_.is_encrypted ? password_.c_str() : nullptr; - if (const UnzipError err{unzOpenCurrentFilePassword(zip_file_, password)}; - err != UNZ_OK) { + const UnzipError err = static_cast<UnzipError>(unzOpenCurrentFilePassword(zip_file_, password)); + if (err != UNZ_OK) { LOG(ERROR) << "Cannot open file " << Redact(entry_.path) << " from ZIP: " << err; base::SequencedTaskRunnerHandle::Get()->PostTask( @@ -535,8 +542,8 @@ bool ZipReader::OpenInternal() { DCHECK(zip_file_); unz_global_info zip_info = {}; // Zero-clear. - if (const UnzipError err{unzGetGlobalInfo(zip_file_, &zip_info)}; - err != UNZ_OK) { + const UnzipError err = static_cast<UnzipError>(unzGetGlobalInfo(zip_file_, &zip_info)); + if (err != UNZ_OK) { LOG(ERROR) << "Cannot get ZIP info: " << err; return false; } @@ -568,7 +575,8 @@ void ZipReader::ExtractChunk(base::File output_file, unzReadCurrentFile(zip_file_, buffer, internal::kZipBufSize); if (num_bytes_read == 0) { - if (const UnzipError err{unzCloseCurrentFile(zip_file_)}; err != UNZ_OK) { + const UnzipError err = static_cast<UnzipError>(unzCloseCurrentFile(zip_file_)); + if (err != UNZ_OK) { LOG(ERROR) << "Cannot extract file " << Redact(entry_.path) << " from ZIP: " << err; std::move(failure_callback).Run(); @@ -674,8 +682,8 @@ FilePathWriterDelegate::~FilePathWriterDelegate() {} bool FilePathWriterDelegate::PrepareOutput() { // We can't rely on parent directory entries being specified in the // zip, so we make sure they are created. - if (const base::FilePath dir = output_file_path_.DirName(); - !base::CreateDirectory(dir)) { + const base::FilePath dir = output_file_path_.DirName(); + if (!base::CreateDirectory(dir)) { PLOG(ERROR) << "Cannot create directory " << Redact(dir); return false; } diff --git a/chromium/third_party/zlib/google/zip_reader.h b/chromium/third_party/zlib/google/zip_reader.h index eb0a76a2315..de87cdaaedd 100644 --- a/chromium/third_party/zlib/google/zip_reader.h +++ b/chromium/third_party/zlib/google/zip_reader.h @@ -317,7 +317,7 @@ class ZipReader { // Progress time delta. // TODO(crbug.com/953256) Add this as parameter to the unzip options. - base::TimeDelta progress_period_ = base::Milliseconds(1000); + base::TimeDelta progress_period_ = base::TimeDelta::FromMilliseconds(1000); // Number of bytes read since last progress report callback executed. mutable uint64_t delta_bytes_read_ = 0; |