thow encryption/compression errors in Entry#getData

gildas-lormeau · Jan 19, 2021 · 2be7f5e · 2be7f5e
1 parent 75f724c
commit 2be7f5e
Showing 1 changed file with 14 additions and 11 deletions.
diff --git a/lib/zip-reader.js b/lib/zip-reader.js
@@ -106,9 +106,6 @@ class ZipReader {
 			}
 			entry.rawExtraField = dataArray.subarray(offset + 46 + entry.filenameLength, offset + 46 + entry.filenameLength + entry.extraFieldLength);
 			readCommonFooter(entry, entry, directoryDataView, offset + 6);
-			if (entry.compressionMethod != 0x0 && entry.compressionMethod != 0x08) {
-				throw new Error(ERR_UNSUPPORTED_COMPRESSION);
-			}
 			entry.rawComment = dataArray.subarray(offset + 46 + entry.filenameLength + entry.extraFieldLength, offset + 46
 				+ entry.filenameLength + entry.extraFieldLength + entry.commentLength);
 			entry.comment = decodeString(entry.rawComment, entry.bitFlag.languageEncodingFlag ? CHARSET_UTF8 : this.options.commentEncoding || CHARSET_WIN_1252);
@@ -155,6 +152,17 @@ class Entry {
 		const dataView = new DataView(dataArray.buffer);
 		const password = options.password === undefined ? this.options.password : options.password;
 		let inputPassword = password && password.length && password;
+		if (this.extraFieldAES) {
+			if (this.extraFieldAES.originalCompressionMethod != 0x63) {
+				throw new Error(ERR_UNSUPPORTED_COMPRESSION);
+			}
+			if (this.extraFieldAES.strength != 3) {
+				throw new Error(ERR_UNSUPPORTED_ENCRYPTION);
+			}
+		}
+		if (this.compressionMethod != 0x0 && this.compressionMethod != 0x08) {
+			throw new Error(ERR_UNSUPPORTED_COMPRESSION);
+		}
 		if (dataView.getUint32(0, false) != 0x504b0304) {
 			throw ERR_LOCAL_FILE_HEADER_NOT_FOUND;
 		}
@@ -280,18 +288,13 @@ function readExtraFieldUnicodePath(extraFieldUnicodePath, directory, entry) {
 
 function readExtraFieldAES(extraFieldAES, directory, compressionMethod) {
 	if (extraFieldAES) {
-		if (compressionMethod != 0x63) {
-			throw new Error(ERR_UNSUPPORTED_COMPRESSION);
-		}
 		const extraFieldView = new DataView(extraFieldAES.data.buffer);
 		extraFieldAES.vendorVersion = extraFieldView.getUint8(0);
 		extraFieldAES.vendorId = extraFieldView.getUint8(2);
 		const strength = extraFieldView.getUint8(4);
-		extraFieldAES.compressionMethod = extraFieldView.getUint16(5, true);
-		if (strength != 3) {
-			throw new Error(ERR_UNSUPPORTED_ENCRYPTION);
-		}
-		directory.compressionMethod = extraFieldAES.compressionMethod;
+		extraFieldAES.strength = strength;
+		extraFieldAES.originalCompressionMethod = compressionMethod;
+		directory.compressionMethod = extraFieldAES.compressionMethod = extraFieldView.getUint16(5, true);
 	} else {
 		directory.compressionMethod = compressionMethod;
 	}