Closes #15897: zipimport.c doesn't check return value of fseek()

diff --git a/Misc/ACKS b/Misc/ACKS
index 8519029784470e3e749397caaabd7766f0f0d3ab..46016e2c3e2faf4688b2a8caaf7d34d01825fb6b 100644 (file)
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -227,6 +227,7 @@ Christopher A. Craig
 Jeremy Craven
 Laura Creighton
 Simon Cross
+Felipe Cruz
 Drew Csillag
 Joaquin Cuenca Abela
 John Cugini

diff --git a/Misc/NEWS b/Misc/NEWS
index a676f3eccf190c5ed2cec07675e7a41395f09db5..e7fc4f8ea4eb0ec651f779c988da3e3c5fce616f 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -49,6 +49,9 @@ Core and Builtins
 - Issue #15020: The program name used to search for Python's path is now
   "python3" under Unix, not "python".
 
+- Issue #15897: zipimport.c doesn't check return value of fseek().
+  Patch by Felipe Cruz.
+
 - Issue #15033: Fix the exit status bug when modules invoked using -m swith,
   return the proper failure return value (1). Patch contributed by Jeff Knupp.
 

diff --git a/Modules/zipimport.c b/Modules/zipimport.c
index d8c3d8ab29967d4c66836e49684adf1250650de9..d4e49276d2ab5bb19c82a0919557b6c9dede0862 100644 (file)
--- a/Modules/zipimport.c
+++ b/Modules/zipimport.c
@@ -741,7 +741,12 @@ read_directory(PyObject *archive_obj)
             PyErr_Format(ZipImportError, "can't open Zip file: '%U'", archive_obj);
         return NULL;
     }
-    fseek(fp, -22, SEEK_END);
+
+    if (fseek(fp, -22, SEEK_END) == -1) {
+        fclose(fp);
+        PyErr_Format(ZipImportError, "can't read Zip file: %R", archive);
+        return NULL;
+    }
     header_position = ftell(fp);
     if (fread(endof_central_dir, 1, 22, fp) != 22) {
         fclose(fp);
@@ -773,11 +778,13 @@ read_directory(PyObject *archive_obj)
         PyObject *t;
         int err;
 
-        fseek(fp, header_offset, 0);  /* Start of file header */
+        if (fseek(fp, header_offset, 0) == -1)  /* Start of file header */
+            goto fseek_error;
         l = PyMarshal_ReadLongFromFile(fp);
         if (l != 0x02014B50)
             break;              /* Bad: Central Dir File Header */
-        fseek(fp, header_offset + 8, 0);
+        if (fseek(fp, header_offset + 8, 0) == -1)
+            goto fseek_error;
         flags = (unsigned short)PyMarshal_ReadShortFromFile(fp);
         compress = PyMarshal_ReadShortFromFile(fp);
         time = PyMarshal_ReadShortFromFile(fp);
@@ -789,7 +796,8 @@ read_directory(PyObject *archive_obj)
         header_size = 46 + name_size +
            PyMarshal_ReadShortFromFile(fp) +
            PyMarshal_ReadShortFromFile(fp);
-        fseek(fp, header_offset + 42, 0);
+        if (fseek(fp, header_offset + 42, 0) == -1)
+            goto fseek_error;
         file_offset = PyMarshal_ReadLongFromFile(fp) + arc_offset;
         if (name_size > MAXPATHLEN)
             name_size = MAXPATHLEN;
@@ -849,6 +857,12 @@ read_directory(PyObject *archive_obj)
         PySys_FormatStderr("# zipimport: found %ld names in %U\n",
             count, archive_obj);
     return files;
+fseek_error:
+    fclose(fp);
+    Py_XDECREF(files);
+    Py_XDECREF(nameobj);
+    PyErr_Format(ZipImportError, "can't read Zip file: %R", archive);
+    return NULL;
 error:
     fclose(fp);
     Py_XDECREF(files);
@@ -918,7 +932,12 @@ get_data(PyObject *archive, PyObject *toc_entry)
     }
 
     /* Check to make sure the local file header is correct */
-    fseek(fp, file_offset, 0);
+    if (fseek(fp, file_offset, 0) == -1) {
+        fclose(fp);
+        PyErr_Format(ZipImportError, "can't read Zip file: %R", archive);
+        return NULL;
+    }
+
     l = PyMarshal_ReadLongFromFile(fp);
     if (l != 0x04034B50) {
         /* Bad: Local File Header */
@@ -928,7 +947,12 @@ get_data(PyObject *archive, PyObject *toc_entry)
         fclose(fp);
         return NULL;
     }
-    fseek(fp, file_offset + 26, 0);
+    if (fseek(fp, file_offset + 26, 0) == -1) {
+        fclose(fp);
+        PyErr_Format(ZipImportError, "can't read Zip file: %R", archive);
+        return NULL;
+    }
+
     l = 30 + PyMarshal_ReadShortFromFile(fp) +
         PyMarshal_ReadShortFromFile(fp);        /* local header size */
     file_offset += l;           /* Start of file data */
@@ -945,8 +969,13 @@ get_data(PyObject *archive, PyObject *toc_entry)
     buf = PyBytes_AsString(raw_data);
 
     err = fseek(fp, file_offset, 0);
-    if (err == 0)
+    if (err == 0) {
         bytes_read = fread(buf, 1, data_size, fp);
+    } else {
+        fclose(fp);
+        PyErr_Format(ZipImportError, "can't read Zip file: %R", archive);
+        return NULL;
+    }
     fclose(fp);
     if (err || bytes_read != data_size) {
         PyErr_SetString(PyExc_IOError,