tdf#105844 package: check for unexpected zip entries on loading ...

... ODF wholesome encrypted package. There can only be "mimetype", "encrypted-package", and files in "META-INF". Change-Id: I5eb46ba29a1a62e25af09e189e0a075a871c71c4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160718 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
author: Michael Stahl <michael.stahl@allotropia.de> 2023-12-13 21:57:56 +0100
committer: Michael Stahl <michael.stahl@allotropia.de> 2023-12-14 17:59:35 +0100
commit: fb9c58a2f32c352e44ffa30e721ef796dc591d33 (patch)
tree: 5909479684303a7582c9df31905278f11ac40c42 /package/source/zippackage
parent: dcd46a0ff9e3e78fc53ce21e7adf314f6e4a033b (diff)
2 files changed, 13 insertions, 3 deletions
diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx
index 459b998de79d..8fb6c27876ab 100644
--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -452,7 +452,8 @@ void ZipPackage::parseManifest()
         m_xRootFolder->removeByName( sMimetype );
     }
 
-    m_bInconsistent = m_xRootFolder->LookForUnexpectedODF12Streams( std::u16string_view() );
+    m_bInconsistent = m_xRootFolder->LookForUnexpectedODF12Streams(
+        std::u16string_view(), m_xRootFolder->hasByName("encrypted-package"));
 
     bool bODF12AndNewer = ( m_xRootFolder->GetVersion().compareTo( ODFVER_012_TEXT ) >= 0 );
     if ( !m_bForceRecovery && bODF12AndNewer )
diff --git a/package/source/zippackage/ZipPackageFolder.cxx b/package/source/zippackage/ZipPackageFolder.cxx
index 906f36111497..21c71b14cf09 100644
--- a/package/source/zippackage/ZipPackageFolder.cxx
+++ b/package/source/zippackage/ZipPackageFolder.cxx
@@ -70,7 +70,8 @@ ZipPackageFolder::~ZipPackageFolder()
 {
 }
 
-bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath )
+bool ZipPackageFolder::LookForUnexpectedODF12Streams(
+        std::u16string_view const aPath, bool const isWholesomeEncryption)
 {
     bool bHasUnexpected = false;
 
@@ -83,10 +84,14 @@ bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath
                 // META-INF is not allowed to contain subfolders
                 bHasUnexpected = true;
             }
+            else if (isWholesomeEncryption && rShortName != u"META-INF")
+            {
+                bHasUnexpected = true;
+            }
             else
             {
                 OUString sOwnPath = aPath + rShortName + "/";
-                bHasUnexpected = rInfo.pFolder->LookForUnexpectedODF12Streams( sOwnPath );
+                bHasUnexpected = rInfo.pFolder->LookForUnexpectedODF12Streams(sOwnPath, isWholesomeEncryption);
             }
         }
         else
@@ -102,6 +107,10 @@ bool ZipPackageFolder::LookForUnexpectedODF12Streams( std::u16string_view aPath
 
                 // streams from META-INF with expected names are allowed not to be registered in manifest.xml
             }
+            else if (isWholesomeEncryption && rShortName != "mimetype" && rShortName != "encrypted-package")
+            {
+                bHasUnexpected = true;
+            }
             else if ( !rInfo.pStream->IsFromManifest() )
             {
                 // the stream is not in META-INF and is not registered in manifest.xml,
author	Michael Stahl <michael.stahl@allotropia.de>	2023-12-13 21:57:56 +0100
committer	Michael Stahl <michael.stahl@allotropia.de>	2023-12-14 17:59:35 +0100
commit	fb9c58a2f32c352e44ffa30e721ef796dc591d33 (patch)
tree	5909479684303a7582c9df31905278f11ac40c42 /package/source/zippackage
parent	dcd46a0ff9e3e78fc53ce21e7adf314f6e4a033b (diff)