Closed
Bug 365448
Opened 18 years ago
Closed 2 years ago
libjar nsZipArchive.cpp ExtractMode() function assumes unix like file attributes in external_attributes
Categories
(Core :: Networking: JAR, defect, P5)
Core
Networking: JAR
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: kurt, Unassigned)
Details
(Whiteboard: [necko-would-take])
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; OpenBSD) KHTML/3.5.5 (like Gecko) Build Identifier: xulrunner 1.8.0.4 There is an assumption that external_attributes contains unix like file attributes. When a zip file is created on a non-unix system, this is not a valid assumption and the item->mode is setup incorrectly. This results in files extracted with the wrong mode (usually 600). To demonstrate the problem using xulrunner, perform a --install-app on the chatzilla-0.9.77-xr.zip example xul app on a unix system. All the files are created with mode 600. Reproducible: Always Steps to Reproduce: 1. download http://chatzilla.rdmsoft.com/xulrunner/download/chatzilla-0.9.77-xr.zip 2. sudo xulrunner --install-app chatzilla-0.9.77-xr.zip ExtractMode() should inspect version_made_by[1] and confirm unix like file attributes before using them. For non-unix like attributes either set a sane default or deal with the various cases (see unzip/zipinfo for example code).
Updated•8 years ago
|
Whiteboard: [necko-would-take]
Comment 1•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
since Mozilla stopped supporting the development of XULrunner i will set this bug as resolved incomplete.
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•