Add missing NULL check in zip_stat_index. #202
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dellis1972
added a commit
to dellis1972/LibZipSharp
that referenced
this pull request
Aug 5, 2020
We had a problem in Xamarin.Android where libzip would crash on our test machine. This turned out to be a bung in libzip itself. nih-at/libzip#202 There was a missing `NULL` check in `zip_stat_index`. This PR adds a patch to allow us to patch this problem in the latest release of `libzip` so that we can bump to the latest version in Xamrain.Android.
grendello
pushed a commit
to dotnet/android-libzipsharp
that referenced
this pull request
Aug 5, 2020
We had a problem in Xamarin.Android where libzip would crash on our test machine. This turned out to be a bung in libzip itself. nih-at/libzip#202 There was a missing `NULL` check in `zip_stat_index`. This PR adds a patch to allow us to patch this problem in the latest release of `libzip` so that we can bump to the latest version in Xamrain.Android.
grendello
pushed a commit
to dotnet/android
that referenced
this pull request
Aug 12, 2020
Fixes: dotnet/android-libzipsharp#64 Context: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1139578 Context: https://liquid.microsoft.com/Web/Object/Read/ms.security/Requirements/Microsoft.Security.SystemsADM.10039#guide Changes: dotnet/android-libzipsharp@1.0.10...1.0.20 * dotnet/android-libzipsharp@1752f95: Statically Linux libzip.so (#70) * dotnet/android-libzipsharp@2b1762f: Fix Dll SearchPath to include Assembly Directory. (#69) * dotnet/android-libzipsharp@28b4639: Merge pull request #68 from dellis1972/fixwindowssearch * dotnet/android-libzipsharp@fdabcda: Fix Windows to look in Assembly Directory for 32bit dll. * dotnet/android-libzipsharp@b332af0: Fix Native Crash on Windows. (#67) * dotnet/android-libzipsharp@96eb5e3: Use DefaultDllImportSearchPathsAttribute (#66) * dotnet/android-libzipsharp@755a42a: Bump libzip to 1.7.3 and go back to mingw (#65) * dotnet/android-libzipsharp@5ae5e70: Merge pull request #60 from xamarin/msvc-static-link * dotnet/android-libzipsharp@30ff680: Build libzip with static CRT and VS2019 * dotnet/android-libzipsharp@bad320e: Merge pull request #59 from dellis1972/theswitcharoo * dotnet/android-libzipsharp@d7bc2c5: Merge pull request #58 from xamarin/optimize-winbuild * dotnet/android-libzipsharp@34dc213: Make 64 bit Linux native lib the default. * dotnet/android-libzipsharp@d3aad35: fixup! Optimize libzip build * dotnet/android-libzipsharp@0970a01: Optimize libzip build * dotnet/android-libzipsharp@d321af1: Merge pull request #57 from xamarin/fix-win32-packaging * dotnet/android-libzipsharp@80b739d: Fix a typo which caused 64-bit dll to be packaged for 32-bit Windows * dotnet/android-libzipsharp@1665db0: Bump the version (to 1.0.12), to prepare to release (#56) * dotnet/android-libzipsharp@dd5e939: Throw exception instead of silently failing if zip save/close fails (#54) * dotnet/android-libzipsharp@2df5b16: Fix enumerating zip with deleted entries (#53) * dotnet/android-libzipsharp@a042554: Add .editorconfig, copied from xamarin-android (#55) * dotnet/android-libzipsharp@a0973d4: Bump libzip to 1.6.1 (#49) Changes: nih-at/libzip@rel-1-5-1...v1.7.3 * Context: https://libzip.org/news/release-1.7.3.html * Context: https://libzip.org/news/release-1.7.2.html * Context: https://libzip.org/news/release-1.7.1.html * Context: https://libzip.org/news/release-1.7.0.html Two primary changes of note in this xamarin/LibZipSharp bump: 1. Bump to `libzip` 1.7.3, which contains numerious fixes and improvements over the previously used 1.5.1 release. 2. Use of `DefaultDllImportSearchPathsAttribute` so that native library dependencies are loaded securely, i.e. w/o allowing "other" libraries to be loaded from unsafe directories. Unfortunately, the `libzip` bump itself caused issues, PR #4751 and PR #4937 each had integration tests "randomly" SIGSEGV. This was eventually tracked down to a bug within `libzip` itself, fixed at: * nih-at/libzip#202
jonpryor
pushed a commit
to dotnet/android
that referenced
this pull request
Aug 20, 2020
Fixes: dotnet/android-libzipsharp#64 Context: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1139578 Context: https://liquid.microsoft.com/Web/Object/Read/ms.security/Requirements/Microsoft.Security.SystemsADM.10039#guide Changes: dotnet/android-libzipsharp@1.0.10...1.0.20 * dotnet/android-libzipsharp@1752f95: Statically Linux libzip.so (#70) * dotnet/android-libzipsharp@2b1762f: Fix Dll SearchPath to include Assembly Directory. (#69) * dotnet/android-libzipsharp@28b4639: Merge pull request #68 from dellis1972/fixwindowssearch * dotnet/android-libzipsharp@fdabcda: Fix Windows to look in Assembly Directory for 32bit dll. * dotnet/android-libzipsharp@b332af0: Fix Native Crash on Windows. (#67) * dotnet/android-libzipsharp@96eb5e3: Use DefaultDllImportSearchPathsAttribute (#66) * dotnet/android-libzipsharp@755a42a: Bump libzip to 1.7.3 and go back to mingw (#65) * dotnet/android-libzipsharp@5ae5e70: Merge pull request #60 from xamarin/msvc-static-link * dotnet/android-libzipsharp@30ff680: Build libzip with static CRT and VS2019 * dotnet/android-libzipsharp@bad320e: Merge pull request #59 from dellis1972/theswitcharoo * dotnet/android-libzipsharp@d7bc2c5: Merge pull request #58 from xamarin/optimize-winbuild * dotnet/android-libzipsharp@34dc213: Make 64 bit Linux native lib the default. * dotnet/android-libzipsharp@d3aad35: fixup! Optimize libzip build * dotnet/android-libzipsharp@0970a01: Optimize libzip build * dotnet/android-libzipsharp@d321af1: Merge pull request #57 from xamarin/fix-win32-packaging * dotnet/android-libzipsharp@80b739d: Fix a typo which caused 64-bit dll to be packaged for 32-bit Windows * dotnet/android-libzipsharp@1665db0: Bump the version (to 1.0.12), to prepare to release (#56) * dotnet/android-libzipsharp@dd5e939: Throw exception instead of silently failing if zip save/close fails (#54) * dotnet/android-libzipsharp@2df5b16: Fix enumerating zip with deleted entries (#53) * dotnet/android-libzipsharp@a042554: Add .editorconfig, copied from xamarin-android (#55) * dotnet/android-libzipsharp@a0973d4: Bump libzip to 1.6.1 (#49) Changes: nih-at/libzip@rel-1-5-1...v1.7.3 * Context: https://libzip.org/news/release-1.7.3.html * Context: https://libzip.org/news/release-1.7.2.html * Context: https://libzip.org/news/release-1.7.1.html * Context: https://libzip.org/news/release-1.7.0.html Two primary changes of note in this xamarin/LibZipSharp bump: 1. Bump to `libzip` 1.7.3, which contains numerious fixes and improvements over the previously used 1.5.1 release. 2. Use of `DefaultDllImportSearchPathsAttribute` so that native library dependencies are loaded securely, i.e. w/o allowing "other" libraries to be loaded from unsafe directories. Unfortunately, the `libzip` bump itself caused issues, PR #4751 and PR #4937 each had integration tests "randomly" SIGSEGV. This was eventually tracked down to a bug within `libzip` itself, fixed at: * nih-at/libzip#202
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This was found on a project we have running on Windows. We would get a native crash when opening and updating an entry from a stream. We found that in this case
entry->changeswasNULLwhich was causing the crash.Not sure if this is right but adding the
NULLcheck works around the problem. It might be enough, if not please let me know what else needs to happen. I'm quite happy to add code to this PR.