From cd7a01c34fc4304ef8161ee617568f274ace5d24 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 18 Mar 2018 23:13:40 +0100
Subject: Windows: Update libzip to version 1.5.0 that include fixes for some
 security issues.

---
 src/Common/libzip/zip_source_win32a.c | 93 ++++++++++++++++++-----------------
 1 file changed, 47 insertions(+), 46 deletions(-)

(limited to 'src/Common/libzip/zip_source_win32a.c')

diff --git a/src/Common/libzip/zip_source_win32a.c b/src/Common/libzip/zip_source_win32a.c
index 85493b66..0780fa50 100644
--- a/src/Common/libzip/zip_source_win32a.c
+++ b/src/Common/libzip/zip_source_win32a.c
@@ -1,48 +1,55 @@
 /*
-zip_source_win32a.c -- create data source from Windows file (ANSI)
-Copyright (C) 1999-2016 Dieter Baron and Thomas Klausner
-
-This file is part of libzip, a library to manipulate ZIP archives.
-The authors can be contacted at <libzip@nih.at>
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in
-the documentation and/or other materials provided with the
-distribution.
-3. The names of the authors may not be used to endorse or promote
-products derived from this software without specific prior
-written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
-OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
-IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
-IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  zip_source_win32a.c -- create data source from Windows file (ANSI)
+  Copyright (C) 1999-2017 Dieter Baron and Thomas Klausner
+
+  This file is part of libzip, a library to manipulate ZIP archives.
+  The authors can be contacted at <libzip@nih.at>
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions
+  are met:
+  1. Redistributions of source code must retain the above copyright
+  notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimer in
+  the documentation and/or other materials provided with the
+  distribution.
+  3. The names of the authors may not be used to endorse or promote
+  products derived from this software without specific prior
+  written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
+  OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+  GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+  IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+  IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
+/* 0x0501 => Windows XP; needs to be at least this value because of GetFileSizeEx */
+#if !defined(MS_UWP) && !defined(_WIN32_WINNT)
+#define _WIN32_WINNT 0x0501
+#endif
+#include <windows.h>
 
 #include <stdio.h>
+#include <stdlib.h>
 
 #include "zipint.h"
 #include "zipwin32.h"
 
-static void * _win32_strdup_a(const void *str);
+static void *_win32_strdup_a(const void *str);
 static HANDLE _win32_open_a(_zip_source_win32_read_file_t *ctx);
 static HANDLE _win32_create_temp_a(_zip_source_win32_read_file_t *ctx, void **temp, zip_uint32_t value, PSECURITY_ATTRIBUTES sa);
 static int _win32_rename_temp_a(_zip_source_win32_read_file_t *ctx);
 static int _win32_remove_a(const void *fname);
 
+// clang-format off
 static _zip_source_win32_file_ops_t win32_ops_a = {
     _win32_strdup_a,
     _win32_open_a,
@@ -50,10 +57,10 @@ static _zip_source_win32_file_ops_t win32_ops_a = {
     _win32_rename_temp_a,
     _win32_remove_a
 };
+// clang-format on
 
 ZIP_EXTERN zip_source_t *
-zip_source_win32a(zip_t *za, const char *fname, zip_uint64_t start, zip_int64_t len)
-{
+zip_source_win32a(zip_t *za, const char *fname, zip_uint64_t start, zip_int64_t len) {
     if (za == NULL)
 	return NULL;
 
@@ -62,8 +69,7 @@ zip_source_win32a(zip_t *za, const char *fname, zip_uint64_t start, zip_int64_t
 
 
 ZIP_EXTERN zip_source_t *
-zip_source_win32a_create(const char *fname, zip_uint64_t start, zip_int64_t length, zip_error_t *error)
-{
+zip_source_win32a_create(const char *fname, zip_uint64_t start, zip_int64_t length, zip_error_t *error) {
     if (fname == NULL || length < -1) {
 	zip_error_set(error, ZIP_ER_INVAL, 0);
 	return NULL;
@@ -74,23 +80,20 @@ zip_source_win32a_create(const char *fname, zip_uint64_t start, zip_int64_t leng
 
 
 static void *
-_win32_strdup_a(const void *str)
-{
+_win32_strdup_a(const void *str) {
     return strdup((const char *)str);
 }
 
 
 static HANDLE
-_win32_open_a(_zip_source_win32_read_file_t *ctx)
-{
+_win32_open_a(_zip_source_win32_read_file_t *ctx) {
     return CreateFileA(ctx->fname, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
 }
 
 
 static HANDLE
-_win32_create_temp_a(_zip_source_win32_read_file_t *ctx, void **temp, zip_uint32_t value, PSECURITY_ATTRIBUTES sa)
-{
-    int len;
+_win32_create_temp_a(_zip_source_win32_read_file_t *ctx, void **temp, zip_uint32_t value, PSECURITY_ATTRIBUTES sa) {
+    size_t len;
 
     len = strlen((const char *)ctx->fname) + 10;
     if (*temp == NULL) {
@@ -108,8 +111,7 @@ _win32_create_temp_a(_zip_source_win32_read_file_t *ctx, void **temp, zip_uint32
 
 
 static int
-_win32_rename_temp_a(_zip_source_win32_read_file_t *ctx)
-{
+_win32_rename_temp_a(_zip_source_win32_read_file_t *ctx) {
     if (!MoveFileExA(ctx->tmpname, ctx->fname, MOVEFILE_REPLACE_EXISTING))
 	return -1;
     return 0;
@@ -117,8 +119,7 @@ _win32_rename_temp_a(_zip_source_win32_read_file_t *ctx)
 
 
 static int
-_win32_remove_a(const void *fname)
-{
+_win32_remove_a(const void *fname) {
     DeleteFileA((const char *)fname);
     return 0;
 }
-- 
cgit v1.2.3