Merge branch 'master' into release/v1.4.0

Author: piksel

src/ICSharpCode.SharpZipLib/Encryption/PkzipClassic.cs

@@ -6,7 +6,7 @@ namespace ICSharpCode.SharpZipLib.Encryption
 {
 	/// <summary>
 	/// PkzipClassic embodies the classic or original encryption facilities used in Pkzip archives.
-	/// While it has been superceded by more recent and more powerful algorithms, its still in use and
+	/// While it has been superseded by more recent and more powerful algorithms, its still in use and
 	/// is viable for preventing casual snooping
 	/// </summary>
 	public abstract class PkzipClassic : SymmetricAlgorithm

src/ICSharpCode.SharpZipLib/Encryption/ZipAESTransform.cs

@@ -50,7 +50,11 @@ public ZipAESTransform(string key, byte[] saltBytes, int blockSize, bool writeMo
 			_encrPos = ENCRYPT_BLOCK;
 
 			// Performs the equivalent of derive_key in Dr Brian Gladman's pwd2key.c
+#if NET472_OR_GREATER || NETSTANDARD2_1_OR_GREATER || NETCOREAPP2_0_OR_GREATER
+			var pdb = new Rfc2898DeriveBytes(key, saltBytes, KEY_ROUNDS, HashAlgorithmName.SHA1);
+#else
 			var pdb = new Rfc2898DeriveBytes(key, saltBytes, KEY_ROUNDS);
+#endif
 			var rm = Aes.Create();
 			rm.Mode = CipherMode.ECB;           // No feedback from cipher for CTR mode
 			_counterNonce = new byte[_blockSize];
@@ -121,23 +125,9 @@ public int TransformBlock(byte[] inputBuffer, int inputOffset, int inputCount, b
 		/// </summary>
 		public byte[] TransformFinalBlock(byte[] inputBuffer, int inputOffset, int inputCount)
 		{
-			var buffer = Array.Empty<byte>();
-
-			// FIXME: When used together with `ZipAESStream`, the final block handling is done inside of it instead
-			// This should not be necessary anymore, and the entire `ZipAESStream` class should be replaced with a plain `CryptoStream`
-			if (inputCount != 0) {
-				if (inputCount > ZipAESStream.AUTH_CODE_LENGTH)
-				{
-					// At least one byte of data is preceeding the auth code
-					int finalBlock = inputCount - ZipAESStream.AUTH_CODE_LENGTH;
-					buffer = new byte[finalBlock];
-					TransformBlock(inputBuffer, inputOffset, finalBlock, buffer, 0);
-				}
-				else if (inputCount < ZipAESStream.AUTH_CODE_LENGTH)
-					throw new Zip.ZipException("Auth code missing from input stream");
-
-				// Read the authcode from the last 10 bytes
-				_authCode = _hmacsha1.GetHashAndReset();
+			if (inputCount > 0)
+			{
+				throw new NotImplementedException("TransformFinalBlock is not implemented and inputCount is greater than 0");
 			}
 
 

src/ICSharpCode.SharpZipLib/Tar/TarArchive.cs

@@ -356,8 +356,7 @@ public string RootPath
 				{
 					throw new ObjectDisposedException("TarArchive");
 				}
-				// Convert to forward slashes for matching. Trim trailing / for correct final path
-				rootPath = value.Replace('\\', '/').TrimEnd('/');
+				rootPath = value.ToTarArchivePath().TrimEnd('/');
 			}
 		}
 
@@ -660,7 +659,9 @@ private void ExtractEntry(string destDir, TarEntry entry, bool allowParentTraver
 			string destFile = Path.Combine(destDir, name);
 			var destFileDir = Path.GetDirectoryName(Path.GetFullPath(destFile)) ?? "";
 
-			if (!allowParentTraversal && !destFileDir.StartsWith(destDir, StringComparison.InvariantCultureIgnoreCase))
+			var isRootDir = entry.IsDirectory && entry.Name == "";
+
+			if (!allowParentTraversal && !isRootDir && !destFileDir.StartsWith(destDir, StringComparison.InvariantCultureIgnoreCase))
 			{
 				throw new InvalidNameException("Parent traversal in paths is not allowed");
 			}

src/ICSharpCode.SharpZipLib/Tar/TarEntry.cs

@@ -372,15 +372,10 @@ public void GetFileTarHeader(TarHeader header, string file)
 						}
 			*/
 
-			name = name.Replace(Path.DirectorySeparatorChar, '/');
-
 			// No absolute pathnames
 			// Windows (and Posix?) paths can start with UNC style "\\NetworkDrive\",
 			// so we loop on starting /'s.
-			while (name.StartsWith("/", StringComparison.Ordinal))
-			{
-				name = name.Substring(1);
-			}
+			name = name.ToTarArchivePath();
 
 			header.LinkName = String.Empty;
 			header.Name = name;

src/ICSharpCode.SharpZipLib/Tar/TarExtendedHeaderReader.cs

@@ -1,4 +1,5 @@
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 using System.Text;
 
 namespace ICSharpCode.SharpZipLib.Tar
@@ -26,7 +27,10 @@ public class TarExtendedHeaderReader
 
 		private int state = LENGTH;
 
-		private static readonly byte[] StateNext = new[] { (byte)' ', (byte)'=', (byte)'\n' };
+		private int currHeaderLength;
+		private int currHeaderRead;
+
+		private static readonly byte[] StateNext = { (byte)' ', (byte)'=', (byte)'\n' };
 
 		/// <summary>
 		/// Creates a new <see cref="TarExtendedHeaderReader"/>.
@@ -46,23 +50,46 @@ public void Read(byte[] buffer, int length)
 			for (int i = 0; i < length; i++)
 			{
 				byte next = buffer[i];
+				
+				var foundStateEnd = state == VALUE 
+					? currHeaderRead == currHeaderLength -1
+					: next == StateNext[state];
 
-				if (next == StateNext[state])
+				if (foundStateEnd)
 				{
 					Flush();
 					headerParts[state] = sb.ToString();
 					sb.Clear();
-
+					
 					if (++state == END)
 					{
-						headers.Add(headerParts[KEY], headerParts[VALUE]);
+						if (!headers.ContainsKey(headerParts[KEY]))
+						{
+							headers.Add(headerParts[KEY], headerParts[VALUE]);
+						}
+
 						headerParts = new string[3];
+						currHeaderLength = 0;
+						currHeaderRead = 0;
 						state = LENGTH;
 					}
+					else
+					{
+						currHeaderRead++;
+					}
+					
+
+					if (state != VALUE) continue;
+
+					if (int.TryParse(headerParts[LENGTH], out var vl))
+					{
+						currHeaderLength = vl;
+					}
 				}
 				else
 				{
 					byteBuffer[bbIndex++] = next;
+					currHeaderRead++;
 					if (bbIndex == 4)
 						Flush();
 				}

src/ICSharpCode.SharpZipLib/Tar/TarStringExtension.cs

@@ -0,0 +1,13 @@
+using System.IO;
+using ICSharpCode.SharpZipLib.Core;
+
+namespace ICSharpCode.SharpZipLib.Tar
+{
+	internal static class TarStringExtension
+	{
+		public static string ToTarArchivePath(this string s)
+		{
+			return PathUtils.DropPathRoot(s).Replace(Path.DirectorySeparatorChar, '/');
+		}
+	}
+}

src/ICSharpCode.SharpZipLib/Zip/ZipInputStream.cs

@@ -3,6 +3,7 @@
 using ICSharpCode.SharpZipLib.Zip.Compression;
 using ICSharpCode.SharpZipLib.Zip.Compression.Streams;
 using System;
+using System.Diagnostics;
 using System.IO;
 
 namespace ICSharpCode.SharpZipLib.Zip
@@ -181,31 +182,12 @@ public ZipEntry GetNextEntry()
 				CloseEntry();
 			}
 
-			int header = inputBuffer.ReadLeInt();
-
-			if (header == ZipConstants.CentralHeaderSignature ||
-				header == ZipConstants.EndOfCentralDirectorySignature ||
-				header == ZipConstants.CentralHeaderDigitalSignature ||
-				header == ZipConstants.ArchiveExtraDataSignature ||
-				header == ZipConstants.Zip64CentralFileHeaderSignature)
+			if (!SkipUntilNextEntry())
 			{
-				// No more individual entries exist
 				Dispose();
 				return null;
 			}
 
-			// -jr- 07-Dec-2003 Ignore spanning temporary signatures if found
-			// Spanning signature is same as descriptor signature and is untested as yet.
-			if ((header == ZipConstants.SpanningTempSignature) || (header == ZipConstants.SpanningSignature))
-			{
-				header = inputBuffer.ReadLeInt();
-			}
-
-			if (header != ZipConstants.LocalHeaderSignature)
-			{
-				throw new ZipException("Wrong Local header signature: 0x" + String.Format("{0:X}", header));
-			}
-
 			var versionRequiredToExtract = (short)inputBuffer.ReadLeShort();
 
 			flags = inputBuffer.ReadLeShort();
@@ -303,6 +285,54 @@ public ZipEntry GetNextEntry()
 			return entry;
 		}
 
+		/// <summary>
+		/// Reads bytes from the input stream until either a local file header signature, or another signature
+		/// indicating that no more entries should be present, is found.
+		/// </summary>
+		/// <exception cref="ZipException">Thrown if the end of the input stream is reached without any signatures found</exception>
+		/// <returns>Returns whether the found signature is for a local entry header</returns>
+		private bool SkipUntilNextEntry()
+		{
+			// First let's skip all null bytes since it's the sane padding to add when updating an entry with smaller size
+			var paddingSkipped = 0;
+			while(inputBuffer.ReadLeByte() == 0) {
+				paddingSkipped++;
+			}
+			
+			// Last byte read was not actually consumed, restore the offset
+			inputBuffer.Available += 1;
+			if(paddingSkipped > 0) {
+				Debug.WriteLine("Skipped {0} null byte(s) before reading signature", paddingSkipped);
+			}
+			
+			var offset = 0;
+			// Read initial header quad directly after the last entry
+			var header = (uint)inputBuffer.ReadLeInt();
+			do
+			{
+				switch (header)
+				{
+					case ZipConstants.CentralHeaderSignature:
+					case ZipConstants.EndOfCentralDirectorySignature:
+					case ZipConstants.CentralHeaderDigitalSignature:
+					case ZipConstants.ArchiveExtraDataSignature:
+					case ZipConstants.Zip64CentralFileHeaderSignature:
+						Debug.WriteLine("Non-entry signature found at offset {0,2}: 0x{1:x8}", offset, header);
+						// No more individual entries exist
+						return false;
+
+					case ZipConstants.LocalHeaderSignature:
+						Debug.WriteLine("Entry local header signature found at offset {0,2}: 0x{1:x8}", offset, header);
+						return true;
+					default:
+						// Current header quad did not match any signature, shift in another byte
+						header = (uint) (inputBuffer.ReadLeByte() << 24) | (header >> 8);
+						offset++;
+						break;
+				}
+			} while (true); // Loop until we either get an EOF exception or we find the next signature
+		}
+
 		/// <summary>
 		/// Read data descriptor at the end of compressed data.
 		/// </summary>
@@ -400,6 +430,7 @@ public void CloseEntry()
 
 			if ((inputBuffer.Available > csize) && (csize >= 0))
 			{
+				// Buffer can contain entire entry data. Internally offsetting position inside buffer
 				inputBuffer.Available = (int)((long)inputBuffer.Available - csize);
 			}
 			else

src/ICSharpCode.SharpZipLib/Zip/ZipOutputStream.cs

@@ -521,9 +521,10 @@ internal void PutNextEntry(Stream stream, ZipEntry entry, long streamOffset = 0,
 		public async Task PutNextEntryAsync(ZipEntry entry, CancellationToken ct = default)
 		{
 			if (curEntry != null) await CloseEntryAsync(ct);
+			var position = CanPatchEntries ? baseOutputStream_.Position : -1; 
 			await baseOutputStream_.WriteProcToStreamAsync(s =>
 			{
-				PutNextEntry(s, entry, baseOutputStream_.Position);
+				PutNextEntry(s, entry, position);
 			}, ct);
 
 			if (!entry.IsCrypted) return;
@@ -807,11 +808,11 @@ public override void Write(byte[] buffer, int offset, int count)
 
 		private void CopyAndEncrypt(byte[] buffer, int offset, int count)
 		{
-			const int CopyBufferSize = 4096;
-			byte[] localBuffer = new byte[CopyBufferSize];
+			const int copyBufferSize = 4096;
+			byte[] localBuffer = new byte[copyBufferSize];
 			while (count > 0)
 			{
-				int bufferCount = (count < CopyBufferSize) ? count : CopyBufferSize;
+				int bufferCount = (count < copyBufferSize) ? count : copyBufferSize;
 
 				Array.Copy(buffer, offset, localBuffer, 0, bufferCount);
 				EncryptBlock(localBuffer, 0, bufferCount);

test/ICSharpCode.SharpZipLib.Tests/Tar/TarTests.cs

@@ -833,7 +833,7 @@ public void ParseHeaderWithEncoding(int length, string encodingName)
 			reparseHeader.ParseBuffer(headerbytes, enc);
 			Assert.AreEqual(name, reparseHeader.Name);
 			// top 100 bytes are name field in tar header
-			for (int i = 0;i < encodedName.Length;i++)
+			for (int i = 0; i < encodedName.Length; i++)
 			{
 				Assert.AreEqual(encodedName[i], headerbytes[i]);
 			}
@@ -852,9 +852,9 @@ public async Task StreamWithJapaneseNameAsync(int length, string encodingName)
 			var entryName = new string((char)0x3042, length);
 			var data = new byte[32];
 			var encoding = Encoding.GetEncoding(encodingName);
-			using(var memoryStream = new MemoryStream())
+			using (var memoryStream = new MemoryStream())
 			{
-				using(var tarOutput = new TarOutputStream(memoryStream, encoding))
+				using (var tarOutput = new TarOutputStream(memoryStream, encoding))
 				{
 					var entry = TarEntry.CreateTarEntry(entryName);
 					entry.Size = 32;
@@ -874,5 +874,47 @@ public async Task StreamWithJapaneseNameAsync(int length, string encodingName)
 				File.WriteAllBytes(Path.Combine(Path.GetTempPath(), $"jpnametest_{length}_{encodingName}.tar"), memoryStream.ToArray());
 			}
 		}
+		/// <summary>
+		/// This test could be considered integration test. it creates a tar archive with the root directory specified
+		/// Then extracts it and compares the two folders. This used to fail on unix due to issues with root folder handling
+		/// in the tar archive.
+		/// </summary>
+		[Test]
+		[Category("Tar")]
+		public void RootPathIsRespected()
+		{
+			using (var extractDirectory = new TempDir())
+			using (var tarFileName = new TempFile())
+			using (var tempDirectory = new TempDir())
+			{
+				tempDirectory.CreateDummyFile();
+
+				using (var tarFile = File.Open(tarFileName.FullName, FileMode.Create))
+				{
+					using (var tarOutputStream = TarArchive.CreateOutputTarArchive(tarFile))
+					{
+						tarOutputStream.RootPath = tempDirectory.FullName;
+						var entry = TarEntry.CreateEntryFromFile(tempDirectory.FullName);
+						tarOutputStream.WriteEntry(entry, true);
+					}
+				}
+
+				using (var file = File.OpenRead(tarFileName.FullName))
+				{
+					using (var archive = TarArchive.CreateInputTarArchive(file, Encoding.UTF8))
+					{
+						archive.ExtractContents(extractDirectory.FullName);
+					}
+				}
+
+				var expectationDirectory = new DirectoryInfo(tempDirectory.FullName);
+				foreach (var checkFile in expectationDirectory.GetFiles("", SearchOption.AllDirectories))
+				{
+					var relativePath = checkFile.FullName.Substring(expectationDirectory.FullName.Length + 1);
+					FileAssert.Exists(Path.Combine(extractDirectory.FullName, relativePath));
+					FileAssert.AreEqual(checkFile.FullName, Path.Combine(extractDirectory.FullName, relativePath));
+				}
+			}
+		}
 	}
 }

test/ICSharpCode.SharpZipLib.Tests/TestSupport/Streams.cs

@@ -177,13 +177,15 @@ public class MemoryStreamWithoutSeek : TrackedMemoryStream
 		/// </summary>
 		/// <value></value>
 		/// <returns>true if the stream is open.</returns>
-		public override bool CanSeek
+		public override bool CanSeek => false;
+
+		/// <inheritdoc />
+		public override long Position
 		{
-			get
-			{
-				return false;
-			}
+			get => throw new NotSupportedException("Getting position is not supported");
+			set => throw new NotSupportedException("Setting position is not supported");
 		}
+
 	}
 
 	/// <summary>