
yauzl - npm Package Compare versions

Comparing version 3.1.2 to 3.1.3

27

fd-slicer.js

@@ -198,8 +198,25 @@ // This was adapted from https://github.com/andrewrk/node-fd-slicer by Andrew Kelley under the MIT License.

BufferSlicer.prototype.read = function(buffer, offset, length, position, callback) {
var end = position + length;
var delta = end - this.buffer.length;
var written = (delta > 0) ? delta : length;
this.buffer.copy(buffer, offset, position, end);
if (!(0 <= offset && offset <= buffer.length)) throw new RangeError("offset outside buffer: 0 <= " + offset + " <= " + buffer.length);
if (position < 0) throw new RangeError("position is negative: " + position);
if (offset + length > buffer.length) {
// The caller's buffer can't hold all the bytes they're trying to read.
// Clamp the length instead of giving an error.
// The callback will be informed of fewer than expected bytes written.
length = buffer.length - offset;
}
if (position + length > this.buffer.length) {
// Clamp any attempt to read past the end of the source buffer.
length = this.buffer.length - position;
}
if (length <= 0) {
// After any clamping, we're fully out of bounds or otherwise have nothing to do.
// This isn't an error; it's just zero bytes written.
setImmediate(function() {
callback(null, 0);
});
return;
}
this.buffer.copy(buffer, offset, position, position + length);
setImmediate(function() {
callback(null, written);
callback(null, length);
});
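Review bot: The two new `throw new RangeError(...)` checks on `offset` and `position` at the top of `BufferSlicer.prototype.read` raise synchronously, while every other outcome of this function, including the new zero-byte case, is delivered through `callback` via `setImmediate`. If a bad `offset` or a negative `position` can only come from a programming error, say so in a comment; otherwise pass the error as `callback(err)` so that a caller parsing an untrusted archive does not have to wrap the call in try/catch. Separately, the clamping branches turn an out-of-bounds request into a short read with no error, so the fix relies on callers comparing the reported count against the requested `length`; a comment stating that contract would help. `length` is also not checked for being an integer: a `NaN` passes all three comparisons and reaches `this.buffer.copy`.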

@@ -206,0 +223,0 @@ };

2

package.json
{
"name": "yauzl",
"version": "3.1.2",
"version": "3.1.3",
"description": "yet another unzip library for node",

@@ -5,0 +5,0 @@ "engines": {

@@ -766,4 +766,7 @@ # yauzl

* 3.1.3
* Fixed a crash when using `fromBuffer()` to read corrupt zip files that specify out of bounds file offsets. [issue #156](https://github.com/thejoshwolfe/yauzl/pull/156)
* Enahnced the test suite to run the error tests through `fromBuffer()` and `fromRandomAccessReader()` in addition to `open()`, which would have caught the above.
* 3.1.2
* Fixed handling non-64 bit entries (similar to the version 3.1.1 fix) that actually have exactly 0xffffffff values in the fields. This fixes erroneous "expected zip64 extended information extra field" errors. [issue #108](https://github.com/thejoshwolfe/yauzl/pull/108)
* Fixed handling non-64 bit entries (similar to the version 3.1.1 fix) that actually have exactly 0xffffffff values in the fields. This fixes erroneous "expected zip64 extended information extra field" errors. [issue #109](https://github.com/thejoshwolfe/yauzl/pull/109)
* 3.1.1
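Review bot: In the 3.1.3 entry, "Enahnced" should be "Enhanced", and the link text reads `issue #156` while the URL points at `/pull/156`; pick one term so readers know whether they are following a bug report or the patch. The entry could also say what form the crash takes, so users who pass untrusted archives to `fromBuffer()` can judge how urgently to upgrade.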

@@ -840,1 +843,9 @@ * Fixed handling non-64 bit files that actually have exactly 0xffff or 0xffffffff values in End of Central Directory Record. This fixes erroneous "invalid zip64 end of central directory locator signature" errors. [issue #108](https://github.com/thejoshwolfe/yauzl/pull/108)

* Initial release.
## Development
One of the trickiest things in development is crafting test cases located in `test/{success,failure}/`.
These are zip files that have been specifically generated or design to test certain conditions in this library.
I recommend using [hexdump-zip](https://github.com/thejoshwolfe/hexdump-zip) to examine the structure of a zipfile.
For making new error cases, I typically start by copying `test/success/linux-info-zip.zip`, and then editing a few bytes with a hex editor.
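Review bot: In the new Development section, "generated or design to test" should read "designed". Since the failure fixtures are produced by hand-editing bytes of a copy of `test/success/linux-info-zip.zip`, consider asking contributors to record which bytes were changed for each new file, because a binary fixture cannot otherwise be reviewed from the diff.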