1161325 – unzip reports crc error and produces incorrect output

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1161325 - unzip reports crc error and produces incorrect output

Summary: unzip reports crc error and produces incorrect output

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	unzip
Sub Component:
Version:	19
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Petr Stodulka
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:	1153388
Blocks:	1161302
TreeView+	depends on / blocked

Reported:	2014-11-06 21:53 UTC by Petr Stodulka
Modified:	2014-12-17 04:41 UTC (History)
CC List:	4 users (show)
Fixed In Version:	unzip-6.0-17.fc21
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1153388
Environment:
Last Closed:	2014-12-07 04:40:15 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Debian BTS	694601	0	None	None	None	Never

Description Petr Stodulka 2014-11-06 21:53:58 UTC

+++ This bug was initially created as a clone of Bug #1153388 +++

Description of problem:

Running unzip on a file results in a CRC error and incorrect result.

Version-Release number of selected component (if applicable):

unzip-6.0-12.fc20.x86_64

How reproducible:

every time on this file (have not tried any others)

Steps to Reproduce:
1. download this 840MB file https://www.dropbox.com/s/4xst9sqhtybzfy0/2014-01-07-wheezy-raspbian-2014-03-12-rpi-touch.zip
2. run unzip and pipe to md5sum
3. 

Actual results:

$ unzip -p 2014-01-07-wheezy-raspbian-2014-03-12-rpi-touch.zip | md5sum -
2014-01-07-wheezy-raspbian-2014-03-12-rpi-touch.img  bad CRC 4468cad1  (should be a2b15cd3)
5b3bd0d40794dd47ccb3aebfb404cf22  -

Expected results:

no crc error, correct md5sum is cd3ff3aa233357ca03a8f781a946d9fb

Additional info:

Valgrind detects an overlapping memcpy() which I think it fixes and generates  the correct md5sum result. This same md5sum is produced when the file is decompressed using the Windows 7 unzip file shell.

A similar defect was reported in Debian https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694601 

$ valgrind unzip -p 2014-01-07-wheezy-raspbian-2014-03-12-rpi-touch.zip | md5sum -
==22166== Memcheck, a memory error detector
==22166== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==22166== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==22166== Command: unzip -p 2014-01-07-wheezy-raspbian-2014-03-12-rpi-touch.zip
==22166== 
==22166== Source and destination overlap in memcpy(0x713480, 0x713484, 5)
==22166==    at 0x4A0A403: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22166==    by 0x40DF47: inflate_codes (string3.h:51)
==22166==    by 0x410C4A: inflate_dynamic (inflate.c:1373)
==22166==    by 0x410F56: inflate (inflate.c:1421)
==22166==    by 0x407FBB: extract_or_test_entrylist (extract.c:1855)
==22166==    by 0x409D1C: extract_or_test_files (extract.c:584)
==22166==    by 0x4150A5: process_zipfiles (process.c:987)
==22166==    by 0x403B44: unzip (unzip.c:1254)
==22166==    by 0x3110C21D64: (below main) (in /usr/lib64/libc-2.18.so)
==22166== 
==22166== 
==22166== HEAP SUMMARY:
==22166==     in use at exit: 0 bytes in 0 blocks
==22166==   total heap usage: 1,697,865 allocs, 1,697,865 frees, 592,822,898 bytes allocated
==22166== 
==22166== All heap blocks were freed -- no leaks are possible
==22166== 
==22166== For counts of detected and suppressed errors, rerun with: -v
==22166== ERROR SUMMARY: 3667 errors from 1 contexts (suppressed: 2 from 2)
cd3ff3aa233357ca03a8f781a946d9fb  -

--- Additional comment from  on 2014-11-06 15:03:49 EST ---

overlap is creating due to C optimization bug (comment from author). After few tests I must say that code is OK. Only solution now is really add NOMEMCPY for compilation, which resolve this bug. Will be patched soon

Comment 1 Fedora Update System 2014-11-06 22:05:13 UTC

unzip-6.0-12.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/unzip-6.0-12.fc19

Comment 2 Fedora Update System 2014-11-09 15:46:08 UTC

Package unzip-6.0-12.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing unzip-6.0-12.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-14505/unzip-6.0-12.fc19
then log in and leave karma (feedback).

Comment 3 Fedora Update System 2014-11-27 15:50:22 UTC

unzip-6.0-17.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/unzip-6.0-17.fc21

Comment 4 Fedora Update System 2014-11-27 15:50:33 UTC

unzip-6.0-14.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/unzip-6.0-14.fc20

Comment 5 Fedora Update System 2014-11-27 15:51:47 UTC

unzip-6.0-13.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/unzip-6.0-13.fc19

Comment 6 Fedora Update System 2014-12-07 04:40:15 UTC

unzip-6.0-14.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2014-12-17 04:41:19 UTC

unzip-6.0-17.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.