ObjFW  Diff

Differences From Artifact [cf62e89d89]:

• File src/OFZIPArchive.m — part of check-in [7aef43d648] at 2013-11-06 20:29:17 on branch trunk — Add OFDeflate64Stream. (user: js, size: 13826) [annotate] [blame] [check-ins using]

To Artifact [20c9faa50f]:

• File src/OFZIPArchive.m — part of check-in [be628bbb84] at 2013-11-06 20:58:10 on branch trunk — OFZIPArchive: Do not sort -[entries].

  While sorting -[entries] reduces hard disk seeks, it allows a denial of
  service by creating an archive with a huge central directory without
  actual files. As usually the order in the central directory matches the
  order of the actual files, this minor speed increase is not worth the
  attack vector. (user: js, size: 13808) [annotate] [blame] [check-ins using]

329
330
331
332
333
334
335
336
337
338
339
340
341
342
343

			@throw [OFInvalidFormatException exception];

		[_entries addObject: entry];
		[_pathToEntryMap setObject: entry
				    forKey: [entry fileName]];
	}

	[_entries sort];
	[_entries makeImmutable];
	[_pathToEntryMap makeImmutable];

	objc_autoreleasePoolPop(pool);
}

- (OFArray*)entries

<

329
330
331
332
333
334
335

336
337
338
339
340
341
342

			@throw [OFInvalidFormatException exception];

		[_entries addObject: entry];
		[_pathToEntryMap setObject: entry
				    forKey: [entry fileName]];
	}


	[_entries makeImmutable];
	[_pathToEntryMap makeImmutable];

	objc_autoreleasePoolPop(pool);
}

- (OFArray*)entries