Comparing version 3.1.2 to 3.1.3
@@ -198,8 +198,25 @@ // This was adapted from https://github.com/andrewrk/node-fd-slicer by Andrew Kelley under the MIT License. | ||
BufferSlicer.prototype.read = function(buffer, offset, length, position, callback) { | ||
var end = position + length; | ||
var delta = end - this.buffer.length; | ||
var written = (delta > 0) ? delta : length; | ||
this.buffer.copy(buffer, offset, position, end); | ||
if (!(0 <= offset && offset <= buffer.length)) throw new RangeError("offset outside buffer: 0 <= " + offset + " <= " + buffer.length); | ||
if (position < 0) throw new RangeError("position is negative: " + position); | ||
if (offset + length > buffer.length) { | ||
// The caller's buffer can't hold all the bytes they're trying to read. | ||
// Clamp the length instead of giving an error. | ||
// The callback will be informed of fewer than expected bytes written. | ||
length = buffer.length - offset; | ||
} | ||
if (position + length > this.buffer.length) { | ||
// Clamp any attempt to read past the end of the source buffer. | ||
length = this.buffer.length - position; | ||
} | ||
if (length <= 0) { | ||
// After any clamping, we're fully out of bounds or otherwise have nothing to do. | ||
// This isn't an error; it's just zero bytes written. | ||
setImmediate(function() { | ||
callback(null, 0); | ||
}); | ||
return; | ||
} | ||
this.buffer.copy(buffer, offset, position, position + length); | ||
setImmediate(function() { | ||
callback(null, written); | ||
callback(null, length); | ||
}); | ||
@@ -206,0 +223,0 @@ }; |
{ | ||
"name": "yauzl", | ||
"version": "3.1.2", | ||
"version": "3.1.3", | ||
"description": "yet another unzip library for node", | ||
@@ -5,0 +5,0 @@ "engines": { |
@@ -766,4 +766,7 @@ # yauzl | ||
* 3.1.3 | ||
* Fixed a crash when using `fromBuffer()` to read corrupt zip files that specify out of bounds file offsets. [issue #156](https://github.com/thejoshwolfe/yauzl/pull/156) | ||
* Enahnced the test suite to run the error tests through `fromBuffer()` and `fromRandomAccessReader()` in addition to `open()`, which would have caught the above. | ||
* 3.1.2 | ||
* Fixed handling non-64 bit entries (similar to the version 3.1.1 fix) that actually have exactly 0xffffffff values in the fields. This fixes erroneous "expected zip64 extended information extra field" errors. [issue #108](https://github.com/thejoshwolfe/yauzl/pull/108) | ||
* Fixed handling non-64 bit entries (similar to the version 3.1.1 fix) that actually have exactly 0xffffffff values in the fields. This fixes erroneous "expected zip64 extended information extra field" errors. [issue #109](https://github.com/thejoshwolfe/yauzl/pull/109) | ||
* 3.1.1 | ||
@@ -840,1 +843,9 @@ * Fixed handling non-64 bit files that actually have exactly 0xffff or 0xffffffff values in End of Central Directory Record. This fixes erroneous "invalid zip64 end of central directory locator signature" errors. [issue #108](https://github.com/thejoshwolfe/yauzl/pull/108) | ||
* Initial release. | ||
## Development | ||
One of the trickiest things in development is crafting test cases located in `test/{success,failure}/`. | ||
These are zip files that have been specifically generated or design to test certain conditions in this library. | ||
I recommend using [hexdump-zip](https://github.com/thejoshwolfe/hexdump-zip) to examine the structure of a zipfile. | ||
For making new error cases, I typically start by copying `test/success/linux-info-zip.zip`, and then editing a few bytes with a hex editor. |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
90125
1093
850