classification
Title: Exception while extracting file from ZIP with non-matching file name in central directory
Type: behavior Stage:
Components: Library (Lib) Versions: Python 2.7
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: zyxtarmo
Priority: normal Keywords: patch

Created on 2017-08-10 13:05 by zyxtarmo, last changed 2017-08-10 13:08 by zyxtarmo.

Files
File name Uploaded Description Edit
ZIP_filename_confusion.pdf zyxtarmo, 2017-08-10 13:05 Small research paper on the topic
zipfile.patch zyxtarmo, 2017-08-10 13:08
Pull Requests
URL Status Linked Edit
PR 3035 zyxtarmo, 2017-08-10 13:05
Messages (2)
msg300080 - (view) Author: Tarmo Randel (zyxtarmo) * Date: 2017-08-10 13:05
The problem: miscreants are modifying ZIP file header parts so, that Python based automated analysis tools are unable to process the contents of the ZIP file but intended clients are able to open the file and extract the possibly malicious contents.

Github pull request contains patch addressing the issue so that developer can make conscious decision to allow extraction process to complete. Quite important feature for security researchers.
msg300081 - (view) Author: Tarmo Randel (zyxtarmo) * Date: 2017-08-10 13:08
Proposed patch
History
Date User Action Args
2017-08-10 13:08:08zyxtarmosetfiles: + zipfile.patch
keywords: + patch
messages: + msg300081
2017-08-10 13:05:08zyxtarmocreate