NetBSD Problem Report #53068
From makoto@if.t.u-tokyo.ac.jp Sat Mar 3 08:21:36 2018
Return-Path: <makoto@if.t.u-tokyo.ac.jp>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id B7AF37A26A
for <gnats-bugs@gnats.NetBSD.org>; Sat, 3 Mar 2018 08:21:36 +0000 (UTC)
Message-Id: <yfma7vpr2lu.wl-makoto@if.t.u-tokyo.ac.jp>
Date: Sat, 03 Mar 2018 17:21:33 +0900
From: Makoto Fujiwara <makoto@if.t.u-tokyo.ac.jp>
To: gnats-bugs@NetBSD.org
Subject: unzip-6.0nb8 does not recognize password input while decrypting
>Number: 53068
>Category: pkg
>Synopsis: unzip-6.0nb8 does not recognize password input while decrypting
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Mar 03 08:25:00 +0000 2018
>Closed-Date: Mon Mar 05 14:01:02 +0000 2018
>Last-Modified: Mon Mar 05 14:01:02 +0000 2018
>Originator: Makoto Fujiwara
>Release: NetBSD 8.99.12
>Organization:
KINU Coorporation
>Environment:
System: NetBSD CF-SX2 8.99.12 NetBSD 8.99.12 (GENERIC-no-SYNAPTICS) #20: Mon Jan 29 20:23:34 JST 2018 root@CF-SX2:/export/O/sys/arch/amd64/compile/GENERIC-no-SYNAPTICS amd64
Architecture: x86_64
Machine: amd64
>Description:
archivers/zip (zip-3.0nb) of pkgsrc does encrypt to the zip file, while
unzip (unzip-6.0nb8) does not allow decrypting a file.
I've checked FreeBSD ports of unzip (unzip-6.0_7) and found it works fine.
(does not find any related patches there so far, but patches are more than
pkgsrc)
>How-To-Repeat:
Have install archivers/unzip (and zip for test)
CF-SX2@makoto 14:31:33/180303(/tmp)% mkdir unzip
CF-SX2@makoto 14:31:39/180303(/tmp)% cd unzip
CF-SX2@makoto 14:31:41/180303(/tmp/unzip)% echo test test test > 1
CF-SX2@makoto 14:31:48/180303(/tmp/unzip)% zip -e -o 1.zip 1
Enter password:
Verify password:
adding: 1 (deflated 33%)
CF-SX2@makoto 14:32:11/180303(/tmp/unzip)% ls -la
total 32
drwxr-xr-x 2 makoto wheel 96 Mar 3 14:32 .
drwxrwxrwt 7 root wheel 1008 Mar 3 14:31 ..
-rw-r--r-- 1 makoto wheel 15 Mar 3 14:31 1
-rw-r--r-- 1 makoto wheel 190 Mar 3 14:31 1.zip
CF-SX2@makoto 14:32:16/180303(/tmp/unzip)% unzip 1.zip
Archive: 1.zip
[1.zip] 1 password:
password incorrect--reenter:
CF-SX2@makoto 14:32:35/180303(/tmp/unzip)%
>Fix:
not known yet.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->wiz
Responsible-Changed-By: leot@NetBSD.org
Responsible-Changed-When: Sat, 03 Mar 2018 10:09:44 +0000
Responsible-Changed-Why:
Thomas, can you please give it a look?
(over to MAINTAINER)
From: Makoto Fujiwara <makoto@if.t.u-tokyo.ac.jp>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53068 (unzip-6.0nb8 does not recognize password input while decrypting)
Date: Sat, 03 Mar 2018 22:13:41 +0900
Let me add (probably usefull) the back trace when setting
breakpoint to the function UzpPassword in fileio.c
(gdb) bt
#0 UzpPassword (pG=0x621b80 <G>, rcnt=0x7f7fff1c35c8, pwbuf=0x7d285270f080 "", size=81, zfn=0x70e438 <G+968888> "/tmp/unzip/1.zip", efn=0x70dec0 <G+967488> "1")
at fileio.c:1580
#1 0x0000000000403e1a in decrypt (passwrd=<optimized out>) at crypt.c:513
#2 0x000000000040666e in extract_or_test_entrylist (numchunk=numchunk@entry=1, pfilnum=pfilnum@entry=0x7f7fff1c3710,
pnum_bad_pwd=pnum_bad_pwd@entry=0x7f7fff1c3718, pold_extra_bytes=pold_extra_bytes@entry=0x7f7fff1c3720, pnum_dirs=pnum_dirs@entry=0x7f7fff1c370c,
pdirlist=pdirlist@entry=0x7f7fff1c3728, error_in_archive=error_in_archive@entry=0) at extract.c:1284
#3 0x0000000000408901 in extract_or_test_files () at extract.c:586
#4 0x000000000040e255 in do_seekable (lastchance=lastchance@entry=0) at process.c:987
#5 0x000000000040ed52 in process_zipfiles () at process.c:401
#6 0x0000000000403882 in unzip (argc=0, argv=0x7f7fff1c3940) at unzip.c:1254
#7 0x0000000000401e3b in ___start ()
#8 0x00007f7f074034d2 in _rtld () from /usr/libexec/ld.elf_so
sorry if you already know ;-)
---
Makoto Fujiwara
Responsible-Changed-From-To: wiz->pkg-manager
Responsible-Changed-By: wiz@NetBSD.org
Responsible-Changed-When: Mon, 05 Mar 2018 09:59:54 +0000
Responsible-Changed-Why:
Thanks for the bug report.
I can reproduce it with both archivers/unzip and wip/unzip.
I'm not motivated to fix this bug though.
I have a couple suggestions:
a) file an upstream bug report
b) for your immediate issue, use 'ziptool 1.zip set_password (yourpassword) cat 0 > 1'
where ziptool is from archivers/libzip
c) do not use old-style zip encryption, it is really weak
Hope this helps.
From: Makoto Fujiwara <makoto@ki.nu>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53068 (unzip-6.0nb8 does not recognize password input while decrypting)
Date: Mon, 05 Mar 2018 23:00:33 +0900
Thanks wiz@
My incentive was: I'm receiving those encrypted zip files from
my customer, (and always had problem). But on Windows, unzip fine.
I didn't know until recently it was our (not really our, but upstream)
unzip problem.
The strange is that FreeBSD has the same tool, same version without
problem (not really with the same patch set).
That's why my PR.
But your b) suggestion works for may immediate problem.
So I agree to close PR, with 'accept current behavior, not so important'
Thank you.
---
mef@NetBSD.org
Makoto Fujiwara,
Chiba, Japan, Narita Airport and Disneyland prefecture.
State-Changed-From-To: open->closed
State-Changed-By: wiz@NetBSD.org
State-Changed-When: Mon, 05 Mar 2018 14:01:02 +0000
State-Changed-Why:
Suggested workaround is good enough for now, says submitter.
Upstream problem, should be fixed there.
Thanks for the bug report!
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home