diff --git a/Zip/src/Compress.cpp b/Zip/src/Compress.cpp index 65af92574..dab372cf9 100644 --- a/Zip/src/Compress.cpp +++ b/Zip/src/Compress.cpp @@ -80,7 +80,7 @@ void Compress::addEntry(std::istream& in, const Poco::DateTime& lastModifiedAt, if (hdr.searchCRCAndSizesAfterData()) _offset += ZipDataInfo::getFullHeaderSize(); _files.insert(std::make_pair(fileName.toString(Poco::Path::PATH_UNIX), hdr)); - poco_assert (_out); + if (!_out) throw Poco::IOException("Bad output stream"); ZipFileInfo nfo(hdr); nfo.setOffset(localHeaderOffset); _infos.insert(std::make_pair(fileName.toString(Poco::Path::PATH_UNIX), nfo)); @@ -145,7 +145,7 @@ void Compress::addFileRaw(std::istream& in, const ZipLocalFileHeader& h, const P if (hdr.searchCRCAndSizesAfterData()) _offset += ZipDataInfo::getFullHeaderSize(); _files.insert(std::make_pair(fileName.toString(Poco::Path::PATH_UNIX), hdr)); - poco_assert (_out); + if (!_out) throw Poco::IOException("Bad output stream"); ZipFileInfo nfo(hdr); nfo.setOffset(localHeaderOffset); _infos.insert(std::make_pair(fileName.toString(Poco::Path::PATH_UNIX), nfo)); @@ -213,7 +213,7 @@ void Compress::addDirectory(const Poco::Path& entryName, const Poco::DateTime& l if (hdr.searchCRCAndSizesAfterData()) _offset += ZipDataInfo::getFullHeaderSize(); _files.insert(std::make_pair(entryName.toString(Poco::Path::PATH_UNIX), hdr)); - poco_assert (_out); + if (!_out) throw Poco::IOException("Bad output stream"); ZipFileInfo nfo(hdr); nfo.setOffset(localHeaderOffset); _infos.insert(std::make_pair(entryName.toString(Poco::Path::PATH_UNIX), nfo)); @@ -294,8 +294,7 @@ ZipArchive Compress::close() centralDirSize += entrySize; _offset += entrySize; } - poco_assert (_out); - + if (!_out) throw Poco::IOException("Bad output stream"); Poco::UInt16 numEntries = static_cast(_infos.size()); ZipArchiveInfo central; diff --git a/Zip/src/Decompress.cpp b/Zip/src/Decompress.cpp index 2f94fa949..e01f47e9d 100644 --- a/Zip/src/Decompress.cpp +++ b/Zip/src/Decompress.cpp @@ -39,7 +39,7 @@ Decompress::Decompress(std::istream& in, const Poco::Path& outputDir, bool flatt { _outDir.makeAbsolute(); _outDir.makeDirectory(); - poco_assert (_in.good()); + if (!_in.good()) throw Poco::IOException("Bad input stream"); Poco::File tmp(_outDir); if (!tmp.exists()) { diff --git a/Zip/src/ZipArchiveInfo.cpp b/Zip/src/ZipArchiveInfo.cpp index c76a53dab..e77b7f5e7 100644 --- a/Zip/src/ZipArchiveInfo.cpp +++ b/Zip/src/ZipArchiveInfo.cpp @@ -58,12 +58,16 @@ void ZipArchiveInfo::parse(std::istream& inp, bool assumeHeaderRead) if (!assumeHeaderRead) { inp.read(_rawInfo, ZipCommon::HEADER_SIZE); + if (inp.gcount() != ZipCommon::HEADER_SIZE) + throw Poco::IOException("Failed to read archive info header"); + if (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) != 0) + throw Poco::DataFormatException("Bad archive info header"); } else { std::memcpy(_rawInfo, HEADER, ZipCommon::HEADER_SIZE); } - poco_assert (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) == 0); + // read the rest of the header inp.read(_rawInfo + ZipCommon::HEADER_SIZE, FULLHEADER_SIZE - ZipCommon::HEADER_SIZE); Poco::UInt16 len = getZipCommentSize(); diff --git a/Zip/src/ZipDataInfo.cpp b/Zip/src/ZipDataInfo.cpp index 3d5197a0c..8545f3c48 100644 --- a/Zip/src/ZipDataInfo.cpp +++ b/Zip/src/ZipDataInfo.cpp @@ -15,6 +15,7 @@ #include "Poco/Zip/ZipDataInfo.h" +#include "Poco/Exception.h" #include #include @@ -41,10 +42,17 @@ ZipDataInfo::ZipDataInfo(std::istream& in, bool assumeHeaderRead): _valid(false) { if (assumeHeaderRead) + { std::memcpy(_rawInfo, HEADER, ZipCommon::HEADER_SIZE); + } else + { in.read(_rawInfo, ZipCommon::HEADER_SIZE); - poco_assert (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) == 0); + if (in.gcount() != ZipCommon::HEADER_SIZE) + throw Poco::IOException("Failed to read data info header"); + if (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) != 0) + throw Poco::DataFormatException("Bad data info header"); + } // now copy the rest of the header in.read(_rawInfo+ZipCommon::HEADER_SIZE, FULLHEADER_SIZE - ZipCommon::HEADER_SIZE); _valid = (!in.eof() && in.good()); diff --git a/Zip/src/ZipFileInfo.cpp b/Zip/src/ZipFileInfo.cpp index 62e14cf5b..18ef3816a 100644 --- a/Zip/src/ZipFileInfo.cpp +++ b/Zip/src/ZipFileInfo.cpp @@ -85,12 +85,16 @@ void ZipFileInfo::parse(std::istream& inp, bool assumeHeaderRead) if (!assumeHeaderRead) { inp.read(_rawInfo, ZipCommon::HEADER_SIZE); + if (inp.gcount() != ZipCommon::HEADER_SIZE) + throw Poco::IOException("Failed to read file info header"); + if (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) != 0) + throw Poco::DataFormatException("Bad file info header"); } else { std::memcpy(_rawInfo, HEADER, ZipCommon::HEADER_SIZE); } - poco_assert (std::memcmp(_rawInfo, HEADER, ZipCommon::HEADER_SIZE) == 0); + // read the rest of the header inp.read(_rawInfo + ZipCommon::HEADER_SIZE, FULLHEADER_SIZE - ZipCommon::HEADER_SIZE); _crc32 = getCRCFromHeader(); diff --git a/Zip/src/ZipLocalFileHeader.cpp b/Zip/src/ZipLocalFileHeader.cpp index 645775767..00c02ba8d 100644 --- a/Zip/src/ZipLocalFileHeader.cpp +++ b/Zip/src/ZipLocalFileHeader.cpp @@ -103,18 +103,22 @@ void ZipLocalFileHeader::parse(std::istream& inp, bool assumeHeaderRead) if (!assumeHeaderRead) { inp.read(_rawHeader, ZipCommon::HEADER_SIZE); + if (inp.gcount() != ZipCommon::HEADER_SIZE) + throw Poco::IOException("Failed to read local file header"); + if (std::memcmp(_rawHeader, HEADER, ZipCommon::HEADER_SIZE) != 0) + throw Poco::DataFormatException("Bad local file header"); } else { std::memcpy(_rawHeader, HEADER, ZipCommon::HEADER_SIZE); } - poco_assert (std::memcmp(_rawHeader, HEADER, ZipCommon::HEADER_SIZE) == 0); + // read the rest of the header inp.read(_rawHeader + ZipCommon::HEADER_SIZE, FULLHEADER_SIZE - ZipCommon::HEADER_SIZE); if (!(_rawHeader[VERSION_POS + 1]>= ZipCommon::HS_FAT && _rawHeader[VERSION_POS + 1] < ZipCommon::HS_UNUSED)) - throw Poco::DataFormatException("bad ZIP file header", "invalid version"); + throw Poco::DataFormatException("Bad local file header", "invalid version"); if (ZipUtil::get16BitValue(_rawHeader, COMPR_METHOD_POS) >= ZipCommon::CM_UNUSED) - throw Poco::DataFormatException("bad ZIP file header", "invalid compression method"); + throw Poco::DataFormatException("Bad local file header", "invalid compression method"); parseDateTime(); Poco::UInt16 len = getFileNameLength(); if (len > 0) diff --git a/Zip/src/ZipManipulator.cpp b/Zip/src/ZipManipulator.cpp index 5fc00e9ae..73e8e7e1c 100644 --- a/Zip/src/ZipManipulator.cpp +++ b/Zip/src/ZipManipulator.cpp @@ -111,7 +111,7 @@ const ZipLocalFileHeader& ZipManipulator::getForChange(const std::string& zipPat { ZipArchive::FileHeaders::const_iterator it = _in->findHeader(zipPath); if (it == _in->headerEnd()) - throw ZipManipulationException("entry not found: " + zipPath); + throw ZipManipulationException("Entry not found: " + zipPath); if (_changes.find(zipPath) != _changes.end()) throw ZipManipulationException("A change request exists already for entry " + zipPath);