
ronomon / Zip

Licence: mit
Robust ZIP decoder with defenses against dangerous compression ratios, spec deviations, malicious archive signatures, mismatching local and central directory headers, ambiguous UTF-8 filenames, directory and symlink traversals, invalid MS-DOS dates, overlapping headers, overflow, underflow, sparseness, accidental buffer bleeds etc.

Programming Languages

javascript

Projects that are alternatives of or similar to Zip

Zipstorer
A Pure C# Class to Store Files in Zip
Stars: ✭ 139 (-45.28%)
Mutual labels:  zip
Libzippp
C++ wrapper for libzip
Stars: ✭ 169 (-33.46%)
Mutual labels:  zip
Datacompression
Swift libcompression wrapper as an extension for the Data type (GZIP, ZLIB, LZFSE, LZMA, LZ4, deflate, RFC-1950, RFC-1951, RFC-1952)
Stars: ✭ 191 (-24.8%)
Mutual labels:  zip
Uvtools
MSLA/DLP, file analysis, calibration, repair, conversion and manipulation
Stars: ✭ 148 (-41.73%)
Mutual labels:  zip
Expresscart
A fully functioning Node.js shopping cart with Stripe, PayPal, Authorize.net, PayWay, Blockonomics, Adyen, Zip and Instore payments.
Stars: ✭ 2,069 (+714.57%)
Mutual labels:  zip
Zydra
Stars: ✭ 178 (-29.92%)
Mutual labels:  zip
Myutils
🙏 Provides a date-to-zodiac/Chinese-zodiac tool, system storage space tool, file size formatting tool, file size lookup tool, AES encryption/decryption tool (supports encryption and decryption on Android, with Java and Android able to decrypt each other's output), SharedPreferences tool, File operation tool, date retrieval and calculation tool, Intent navigation tool, string validation and number conversion tool, phone vibration tool, system resource tool, network detection tool, wifi tool, unit conversion tool, zip compression and decompression tool, XML parsing tool (only a few specified formats are supported), image loading and processing tool, database (CRUD) tool, Base64 encode/decode tool and MD5 hashing tool.
Stars: ✭ 130 (-48.82%)
Mutual labels:  zip
Turbobench
Compression Benchmark
Stars: ✭ 211 (-16.93%)
Mutual labels:  zip
Zip
Swift framework for zipping and unzipping files.
Stars: ✭ 2,120 (+734.65%)
Mutual labels:  zip
Node Archiver
a streaming interface for archive generation
Stars: ✭ 2,300 (+805.51%)
Mutual labels:  zip
Libarchivejs
Archive library for browsers
Stars: ✭ 145 (-42.91%)
Mutual labels:  zip
Bit7z
A C++ static library offering a clean and simple interface to the 7-zip DLLs.
Stars: ✭ 159 (-37.4%)
Mutual labels:  zip
Mod zip
Streaming ZIP archiver for nginx 📦
Stars: ✭ 178 (-29.92%)
Mutual labels:  zip
Miscellaneous R Code
Code that might be useful to others for learning/demonstration purposes, specifically along the lines of modeling and various algorithms. Now almost entirely superseded by the models-by-example repo.
Stars: ✭ 146 (-42.52%)
Mutual labels:  zip
Zip.js
JavaScript library to zip and unzip files in the browser and Deno
Stars: ✭ 2,444 (+862.2%)
Mutual labels:  zip
Quickpkg
wrapper for pkgbuild to quickly build simple packages from an installed app, a dmg or zip archive.
Stars: ✭ 137 (-46.06%)
Mutual labels:  zip
Compress
Optimized Go Compression Packages
Stars: ✭ 2,478 (+875.59%)
Mutual labels:  zip
Unifiedarchive
UnifiedArchive - an archive manager with a unified way for different formats. Supports all basic (listing, reading, extracting and creation) and specific features (compression level, password-protection). Bundled with console program for working with archives.
Stars: ✭ 246 (-3.15%)
Mutual labels:  zip
Vue Blog
🎉 An integrated admin dashboard solution built on the full Vue stack + element-ui
Stars: ✭ 208 (-18.11%)
Mutual labels:  zip
Bkcrack
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
Stars: ✭ 178 (-29.92%)
Mutual labels:  zip

zip

Robust ZIP decoder with defenses against dangerous compression ratios, spec deviations, malicious archive signatures, mismatching local and central directory headers, ambiguous UTF-8 filenames, directory and symlink traversals, invalid MS-DOS dates, overlapping headers, overflow, underflow, sparseness, buffer bleeds etc.

Installation

npm install @ronomon/zip

Usage

Inspect the local file headers of an archive at the command line:

scripts/decode <file>

Parse the local file headers of an archive:

var fs = require('fs');
var ZIP = require('@ronomon/zip');
var archive = process.argv[2]; // path to the zip file to inspect
var buffer = fs.readFileSync(archive);
try {
  // decode() throws on any of the defects listed under "Robust" below.
  var headers = ZIP.decode(buffer);
} catch (error) {
  console.error(error.message);
}

Extract the file data of a local file header:

var header = headers[0]; // any element of the array returned by ZIP.decode()
var file = ZIP.inflate(header, buffer); // Buffer holding the entry's uncompressed data
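The layout that ZIP.decode walks (local file headers, the central directory and the end of central directory record) and several of the container-level defenses listed under Robust below, as an added example that is not code from @ronomon/zip. The field offsets follow the ZIP specification; buildArchive is a constructed fixture for this example only, and the finding strings are invented names, not the library's error messages.

```javascript
// Added example, not code from @ronomon/zip: a structural audit of a ZIP
// container mirroring several README checks (minimum size, 2 GB cap, missing
// EOCD, prepended/appended data, overlapping or gapped local headers, stored
// entries with unequal sizes, dangerous deflate ratios). Field offsets follow
// the ZIP specification; the fixture builder is constructed for this example.
const SIG_LOCAL = 0x04034b50, SIG_CENTRAL = 0x02014b50, SIG_EOCD = 0x06054b50;
const MIN_SIZE = 22;                     // an EOCD record with no comment
const MAX_SIZE = 2 * 1024 * 1024 * 1024; // 2 GB guards int32_t consumers

// Constructed fixture: a stored (method 0) archive from {name, data} entries.
// opts.prepend / opts.gap / opts.append insert junk bytes before the first
// local header, before the central directory, or after the EOCD record.
function buildArchive(entries, opts = {}) {
  const prepend = Buffer.alloc(opts.prepend || 0);
  const gap = Buffer.alloc(opts.gap || 0);
  const append = Buffer.alloc(opts.append || 0);
  const locals = [], centrals = [];
  let offset = prepend.length;
  for (const entry of entries) {
    const name = Buffer.from(entry.name, 'utf8');
    const data = Buffer.from(entry.data, 'utf8');
    const local = Buffer.alloc(30 + name.length);
    local.writeUInt32LE(SIG_LOCAL, 0);
    local.writeUInt16LE(10, 4);           // version needed to extract
    local.writeUInt16LE(0x0800, 6);       // general purpose flag: UTF-8 names
    local.writeUInt16LE(0, 8);            // compression method: stored
    local.writeUInt16LE(0, 10);           // MS-DOS time 00:00:00
    local.writeUInt16LE(0x21, 12);        // MS-DOS date 1980-01-01
    local.writeUInt32LE(0, 14);           // crc32 (not audited here)
    local.writeUInt32LE(data.length, 18); // compressed size
    local.writeUInt32LE(data.length, 22); // uncompressed size
    local.writeUInt16LE(name.length, 26);
    local.writeUInt16LE(0, 28);           // extra field length
    name.copy(local, 30);
    const central = Buffer.alloc(46 + name.length);
    central.writeUInt32LE(SIG_CENTRAL, 0);
    local.copy(central, 6, 4, 30);        // same version..extra-length fields
    central.writeUInt32LE(offset, 42);    // offset of the local header
    name.copy(central, 46);
    locals.push(local, data);
    centrals.push(central);
    offset += local.length + data.length;
  }
  const cd = Buffer.concat(centrals);
  const eocd = Buffer.alloc(MIN_SIZE);
  eocd.writeUInt32LE(SIG_EOCD, 0);
  eocd.writeUInt16LE(entries.length, 8);
  eocd.writeUInt16LE(entries.length, 10);
  eocd.writeUInt32LE(cd.length, 12);
  eocd.writeUInt32LE(offset + gap.length, 16);
  return Buffer.concat([prepend, ...locals, gap, cd, eocd, append]);
}

// Returns a list of findings; an empty list means the container is clean.
// Simplification: data descriptors (flag bit 3) are not accounted for.
function auditArchive(buf) {
  const findings = [];
  if (buf.length < MIN_SIZE) return ['too small: fewer than 22 bytes'];
  if (buf.length > MAX_SIZE) return ['too large: exceeds 2 GB'];
  let eocd = -1; // scan backwards: a comment of up to 65535 bytes may follow
  for (let i = buf.length - MIN_SIZE; i >= Math.max(0, buf.length - MIN_SIZE - 65535); i--) {
    if (buf.readUInt32LE(i) === SIG_EOCD) { eocd = i; break; }
  }
  if (eocd < 0) return ['truncated: no end of central directory record'];
  if (eocd + MIN_SIZE + buf.readUInt16LE(eocd + 20) !== buf.length) findings.push('appended data after end of central directory record');
  const count = buf.readUInt16LE(eocd + 10);
  const cdSize = buf.readUInt32LE(eocd + 12), cdOffset = buf.readUInt32LE(eocd + 16);
  if (cdOffset + cdSize > eocd) return findings.concat('central directory overflows end of central directory record');
  if (cdOffset + cdSize < eocd) findings.push('underflow: gap between central directory and end of central directory record');
  const spans = [];
  let pos = cdOffset;
  for (let n = 0; n < count; n++) {
    if (pos + 46 > cdOffset + cdSize || buf.readUInt32LE(pos) !== SIG_CENTRAL) return findings.concat('central directory header overflows or has a bad signature');
    const method = buf.readUInt16LE(pos + 10);
    const csize = buf.readUInt32LE(pos + 20), usize = buf.readUInt32LE(pos + 24);
    const local = buf.readUInt32LE(pos + 42);
    if (local + 30 > cdOffset || buf.readUInt32LE(local) !== SIG_LOCAL) return findings.concat('local file header overflows or has a bad signature');
    const end = local + 30 + buf.readUInt16LE(local + 26) + buf.readUInt16LE(local + 28) + csize;
    if (end > cdOffset) return findings.concat('local file data overflows central directory');
    if (method === 0 && csize !== usize) findings.push('stored entry with unequal compressed and uncompressed sizes');
    if (method === 8 && csize > 0 && usize / csize > 100) findings.push('dangerous compression ratio above 100:1');
    spans.push([local, end]);
    pos += 46 + buf.readUInt16LE(pos + 28) + buf.readUInt16LE(pos + 30) + buf.readUInt16LE(pos + 32);
  }
  if (pos !== cdOffset + cdSize) findings.push('central directory size disagrees with its headers');
  spans.sort((a, b) => a[0] - b[0]); // local headers in file order
  let expected = 0;
  spans.forEach(([start, end], i) => {
    if (start > expected) findings.push(i === 0 ? 'prepended data before first local file header' : 'underflow: gap between local file headers');
    if (start < expected) findings.push('overlap: local file header overlaps previous entry');
    expected = Math.max(expected, end);
  });
  if (expected < cdOffset) findings.push('underflow: gap between last local file and central directory');
  return findings;
}
```

The audit walks the central directory rather than trusting the local headers, then sorts the local spans so that overlaps (a zip-bomb technique) and gaps (stuffing or buffer bleeds) are found regardless of the order in which the central directory lists them. A real decoder would additionally compare every local header field against its central directory counterpart, as the list below describes.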

Robust

  • Rejects zip files that are too small, i.e. less than 22 bytes.

  • Rejects zip files that exceed 2 GB to protect vulnerable downstream zip implementations from int32_t overflow.

  • Rejects zip files that are truncated, i.e. with no end of central directory record.

  • Rejects zip files with prepended data, which can be exploited to distribute malicious JAR files appended to MSI files signed by third parties and other chameleon files. A chameleon file is an ambiguous file that looks different depending on the parser implementation used to open the file.

  • Rejects zip files with appended data, which can be exploited for malware stuffing or which might represent buffer bleeds.

  • Rejects zip files with dangerous compression ratios, i.e. more than 100 to 1. These are unlikely to be benign.

  • Rejects zip files with excessively negative compression ratios (CVE-2018-18384).

  • Rejects malicious rar, tar and xar files that pretend to be zip files in order to evade content type detection or antivirus scanning. Some unzip utilities will unzip these files.

  • Rejects local file headers that overlap, which can be exploited for zip bombs.

  • Rejects local file headers that diverge from the central directory header, which can be exploited to create ambiguity in file metadata or content. For example, some decoders might interpret the local file header as a malicious EXE file, while most decoders might interpret the central directory header as a harmless TXT file.

  • Rejects local file headers that overflow each other or the central directory, which can be exploited for remote code execution.

  • Rejects local file headers that underflow each other or the central directory, i.e. gaps between local files or between the last local file and the central directory, which might be exploited for malware stuffing or which might represent buffer bleeds.

  • Rejects local file headers with invalid combinations of bit 3, crc32 and compressed or uncompressed sizes. Malware hygiene is poor when it comes to the spec.

  • Rejects data descriptors that overflow.

  • Rejects central directory headers that overflow.

  • Rejects central directory headers that underflow.

  • Rejects archives spanning multiple disks, encryption mechanisms and archive headers, compression methods other than 0 (uncompressed) or 8 (deflate), ZIP64 version 2 (and ZIP64 version 1), unused and reserved flags, since all of these are rejected by ISO/IEC 21320-1:2015. Encrypted archives are often used to distribute malware and evade antivirus scanning.

  • Rejects compression methods greater than 999 to prevent buffer overflows (CVE-2016-9844).

  • Accepts UTF-8 as well as the CP437 character encoding contrary to ISO/IEC 21320-1:2015 since CP437 is a common zip character encoding.

  • Rejects unequal compressed and uncompressed sizes when a file is stored uncompressed, which can be exploited to create ambiguity, i.e. in file content.

  • Rejects MS-DOS date years after 2099 that are not correctly handled by some zip implementations.

  • Rejects MS-DOS date months that are out of range, i.e. more than 12, characteristic of malware archives.

  • Rejects MS-DOS date days that are out of range, i.e. more than 31, characteristic of malware archives.

  • Rejects MS-DOS date hours that are out of range, i.e. more than 23, characteristic of malware archives.

  • Rejects MS-DOS date minutes that are out of range, i.e. more than 59, characteristic of malware archives.

  • Rejects MS-DOS date seconds that are out of range, i.e. more than 59, characteristic of malware archives.

  • Rejects unicode path extra fields that overflow.

  • Rejects unicode path extra fields that underflow.

  • Rejects unicode path extra fields that have an invalid version.

  • Rejects unicode path extra fields that diverge from the central directory, which can be exploited to create ambiguity, i.e. in file extension.

  • Rejects extra fields that exceed 4096 bytes as an arbitrary upper bound.

  • Rejects extra fields with an invalid length, i.e. only 1, 2 or 3 bytes.

  • Rejects invalid UTF-8 strings, which can be used to exploit vulnerable UTF-8 decoders.

  • Rejects directories that pretend to be files, i.e. with compressed or uncompressed sizes not equal to 0.

  • Rejects dangerous unix mode permissions: setuid, setgid and sticky bits (CVE-2005-0602).

  • Rejects dangerous unix mode types: block devices, character devices, fifo special files and sockets.

  • Rejects file names containing null bytes.

  • Rejects file names containing control characters, which can be used to mask ".." as part of a directory traversal (CVE-2003-0282).

  • Rejects file names containing backslashes. All slashes must be forward slashes according to the spec.

  • Rejects file names exceeding 4096 bytes to prevent buffer overflows (CVE-2018-1000035).

  • Rejects file name components exceeding 255 bytes to prevent buffer overflows.

  • Rejects directory traversal via file name, which can be exploited to overwrite system files.

  • Rejects directory traversal via symlink, which can be exploited to overwrite system files. Some zip decoders, including antivirus scanners and popular email services, do not detect directory traversal via symlink.

  • Rejects compressed symlinks for simplicity, since these are highly unlikely.

  • Rejects symlinks that exceed 1024 bytes as an arbitrary upper bound to prevent runaway string decoding.
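The entry-level rules above (MS-DOS date ranges, file name hygiene, unix mode bits and symlink targets), as an added example that is not code from @ronomon/zip. The bit layouts follow the ZIP specification; the limits (4096, 255 and 1024 bytes, year 2099) are the bounds this README states; the function names and finding strings are invented for the example. It goes slightly beyond the list by applying the same path rules to symlink targets that it applies to file names.

```javascript
// Added example, not code from @ronomon/zip: entry-level checks that mirror
// the README's MS-DOS date, file name, unix mode and symlink rules. Bit
// layouts follow the ZIP specification; limits (4096, 255, 1024, 2099) are the
// README's own bounds. Each function returns a list of findings.
const MAX_NAME = 4096, MAX_COMPONENT = 255, MAX_SYMLINK = 1024;

// MS-DOS date: bits 9-15 years since 1980, 5-8 month, 0-4 day.
// MS-DOS time: bits 11-15 hour, 5-10 minute, 0-4 seconds divided by two.
// The day field cannot exceed 31 in 5 bits, so only the other fields can
// carry out-of-range values that a decoder must reject.
function auditDosDateTime(date, time) {
  const findings = [];
  const year = 1980 + (date >>> 9), month = (date >>> 5) & 0x0f;
  const hour = time >>> 11, minute = (time >>> 5) & 0x3f, second = (time & 0x1f) * 2;
  if (year > 2099) findings.push('year after 2099');
  if (month > 12) findings.push('month out of range');
  if (hour > 23) findings.push('hour out of range');
  if (minute > 59) findings.push('minute out of range');
  if (second > 59) findings.push('second out of range');
  return findings;
}

// A byte string is valid UTF-8 exactly when decoding (invalid sequences become
// U+FFFD) and re-encoding reproduces the original bytes.
function isValidUtf8(bytes) {
  return Buffer.from(bytes.toString('utf8'), 'utf8').equals(bytes);
}

// Shared path rules for file names and symlink targets.
function auditPath(bytes, findings) {
  if (bytes.includes(0)) findings.push('contains a null byte');
  if (bytes.some((b) => b < 0x20 || b === 0x7f)) findings.push('contains control characters');
  if (bytes.includes(0x5c)) findings.push('contains a backslash');
  if (!isValidUtf8(bytes)) { findings.push('invalid UTF-8'); return findings; }
  const text = bytes.toString('utf8');
  if (text.startsWith('/')) findings.push('absolute path');
  const components = text.split('/');
  if (components.includes('..')) findings.push('directory traversal via ".." component');
  if (components.some((c) => Buffer.byteLength(c, 'utf8') > MAX_COMPONENT)) findings.push('component exceeds 255 bytes');
  return findings;
}

function auditFileName(bytes) {
  const findings = [];
  if (bytes.length > MAX_NAME) findings.push('file name exceeds 4096 bytes');
  return auditPath(bytes, findings);
}

function auditSymlinkTarget(bytes) {
  const findings = [];
  if (bytes.length > MAX_SYMLINK) findings.push('symlink target exceeds 1024 bytes');
  return auditPath(bytes, findings);
}

// Unix mode lives in the high 16 bits of the central directory's external
// file attributes when the archive was made on a unix host.
function auditUnixMode(externalAttributes) {
  const findings = [];
  const mode = (externalAttributes >>> 16) & 0xffff;
  const type = mode & 0o170000;
  if ([0o060000, 0o020000, 0o010000, 0o140000].includes(type)) findings.push('special file type (device, fifo or socket)');
  if (mode & 0o4000) findings.push('setuid bit');
  if (mode & 0o2000) findings.push('setgid bit');
  if (mode & 0o1000) findings.push('sticky bit');
  return findings;
}
```

The checks run on the raw name bytes before any decoding, so a control character or backslash hidden in a name that fails UTF-8 decoding is still reported, and the round-trip test catches overlong and truncated sequences without relying on a decoder's fatal mode.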

Tests

@ronomon/zip has been tested on several large and diverse data sets, including David Fifield's "A better zip bomb".

Automated fuzz tests are yet to be included.
