MCPcopy Index your code
hub / github.com/coder/coder / TestCreateTarFromZip_RejectsInvalidZipMetadata

Function TestCreateTarFromZip_RejectsInvalidZipMetadata

archive/archive_test.go:89–123  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

87}
88
89func TestCreateTarFromZip_RejectsInvalidZipMetadata(t *testing.T) {
90 t.Parallel()
91
92 // Ref: https://github.com/golang/go/blob/go1.24.0/src/archive/zip/struct.go
93 corruptZipUncompressedSize := func(t *testing.T, zipBytes []byte, size uint32) []byte {
94 t.Helper()
95
96 const (
97 directoryHeaderSignature = "PK\x01\x02"
98 uncompressedSizeOffset = 24
99 )
100 hdrOffset := bytes.Index(zipBytes, []byte(directoryHeaderSignature))
101 require.NotEqual(t, -1, hdrOffset, "missing ZIP central directory header")
102 corrupted := bytes.Clone(zipBytes)
103 sizeBytes := corrupted[hdrOffset+uncompressedSizeOffset : hdrOffset+uncompressedSizeOffset+4]
104 binary.LittleEndian.PutUint32(sizeBytes, size)
105
106 return corrupted
107 }
108
109 zipBytes := buildTestZip(t, map[string]string{
110 "hello.txt": "hello",
111 })
112 zipBytes = corruptZipUncompressedSize(t, zipBytes, 6)
113
114 zr, err := zip.NewReader(bytes.NewReader(zipBytes), int64(len(zipBytes)))
115 require.NoError(t, err)
116
117 // Keep the size limit large so this test exercises the invalid
118 // ZIP metadata path rather than the tar output limit.
119 maxSize := int64(4096)
120 tarBytes, err := archive.CreateTarFromZip(zr, maxSize)
121 require.ErrorIs(t, err, archive.ErrInvalidZipContent)
122 require.Nil(t, tarBytes)
123}
124
125func TestCreateTarFromZip_RejectsOversizedTarOverhead(t *testing.T) {
126 t.Parallel()

Callers

nothing calls this directly

Calls 4

CreateTarFromZipFunction · 0.92
buildTestZipFunction · 0.85
HelperMethod · 0.65
CloneMethod · 0.45

Tested by

no test coverage detected