Differences From Artifact [cf62e89d89]:
- File src/OFZIPArchive.m — part of check-in [7aef43d648] at 2013-11-06 20:29:17 on branch trunk — Add OFDeflate64Stream. (user: js, size: 13826) [annotate] [blame] [check-ins using]
To Artifact [20c9faa50f]:
- File
src/OFZIPArchive.m
— part of check-in
[be628bbb84]
at
2013-11-06 20:58:10
on branch trunk
— OFZIPArchive: Do not sort -[entries].
While sorting -[entries] reduces hard disk seeks, it allows a denial of
service by creating an archive with a huge central directory without
actual files. As usually the order in the central directory matches the
order of the actual files, this minor speed increase is not worth the
attack vector. (user: js, size: 13808) [annotate] [blame] [check-ins using]
︙ | ︙ | |||
329 330 331 332 333 334 335 | @throw [OFInvalidFormatException exception]; [_entries addObject: entry]; [_pathToEntryMap setObject: entry forKey: [entry fileName]]; } | < | 329 330 331 332 333 334 335 336 337 338 339 340 341 342 | @throw [OFInvalidFormatException exception]; [_entries addObject: entry]; [_pathToEntryMap setObject: entry forKey: [entry fileName]]; } [_entries makeImmutable]; [_pathToEntryMap makeImmutable]; objc_autoreleasePoolPop(pool); } - (OFArray*)entries |
︙ | ︙ |