pompelmi 0.35.3 → 0.35.5

package/dist/pompelmi.browser.esm.js

@@ -1,4 +1,5 @@
 import { createHash } from 'crypto';
+import { createInflateRaw } from 'zlib';
 
 const MB$1 = 1024 * 1024;
 const DEFAULT_POLICY = {
@@ -1051,12 +1052,15 @@ async function scanFiles(files, opts = {}) {
     return out;
 }
 
+const ARCHIVE_BOMB_DETECTED = "ARCHIVE_BOMB_DETECTED";
+const SIG_LFH = 0x04034b50;
 const SIG_CEN = 0x02014b50;
 const DEFAULTS = {
     maxEntries: 1000,
     maxTotalUncompressedBytes: 500 * 1024 * 1024,
+    maxPerEntryUncompressedBytes: 100 * 1024 * 1024,
     maxEntryNameLength: 255,
-    maxCompressionRatio: 1000,
+    maxCompressionRatio: 100,
     eocdSearchWindow: 70000,
 };
 function r16(buf, off) {
@@ -1066,7 +1070,6 @@ function r32(buf, off) {
     return buf.readUInt32LE(off);
 }
 function isZipLike(buf) {
-    // local file header at start is common
     return (buf.length >= 4 && buf[0] === 0x50 && buf[1] === 0x4b && buf[2] === 0x03 && buf[3] === 0x04);
 }
 function lastIndexOfEOCD(buf, window) {
@@ -1078,6 +1081,47 @@ function lastIndexOfEOCD(buf, window) {
 function hasTraversal(name) {
     return (name.includes("../") || name.includes("..\\") || name.startsWith("/") || /^[A-Za-z]:/.test(name));
 }
+function makeBombError() {
+    return Object.assign(new Error("Archive bomb detected: decompression limits exceeded"), {
+        code: ARCHIVE_BOMB_DETECTED,
+    });
+}
+/**
+ * Feeds `compressed` into a raw DEFLATE inflate stream and counts the actual
+ * output bytes. Resolves with bombed=true and aborts early if any limit fires:
+ *   - decompressed bytes > maxPerEntry
+ *   - totalSoFar + decompressed > maxTotal
+ *   - decompressed / compressed > maxRatio  (ratio measured on real bytes, not headers)
+ *
+ * Malformed DEFLATE is treated as safe (bombed=false, decompressed=0).
+ */
+function streamInflate(compressed, maxPerEntry, maxTotal, alreadySeen, maxRatio) {
+    return new Promise((resolve) => {
+        const inf = createInflateRaw();
+        let out = 0;
+        const compBytes = compressed.length;
+        let done = false;
+        const finish = (bombed) => {
+            if (done)
+                return;
+            done = true;
+            inf.destroy();
+            resolve({ decompressed: out, bombed });
+        };
+        inf.on("data", (chunk) => {
+            out += chunk.length;
+            if (out > maxPerEntry ||
+                alreadySeen + out > maxTotal ||
+                (compBytes > 0 && out / compBytes > maxRatio)) {
+                finish(true);
+            }
+        });
+        inf.on("end", () => finish(false));
+        // Malformed DEFLATE stream → not a bomb, just corrupt
+        inf.on("error", () => finish(false));
+        inf.end(compressed);
+    });
+}
 function createZipBombGuard(opts = {}) {
     const cfg = { ...DEFAULTS, ...opts };
     return {
@@ -1086,43 +1130,36 @@ function createZipBombGuard(opts = {}) {
             const matches = [];
             if (!isZipLike(buf))
                 return matches;
-            // Find EOCD near the end
+            // ── 1. Locate EOCD ──────────────────────────────────────────────────────
             const eocdPos = lastIndexOfEOCD(buf, cfg.eocdSearchWindow);
             if (eocdPos < 0 || eocdPos + 22 > buf.length) {
-                // ZIP but no EOCD — malformed or polyglot → suspicious
                 matches.push({ rule: "zip_eocd_not_found", severity: "medium" });
                 return matches;
             }
             const totalEntries = r16(buf, eocdPos + 10);
             const cdSize = r32(buf, eocdPos + 12);
             const cdOffset = r32(buf, eocdPos + 16);
-            // Bounds check
             if (cdOffset + cdSize > buf.length) {
                 matches.push({ rule: "zip_cd_out_of_bounds", severity: "medium" });
                 return matches;
             }
-            // Iterate central directory entries
+            const lfhIndex = [];
             let ptr = cdOffset;
             let seen = 0;
-            let sumComp = 0;
-            let sumUnc = 0;
             while (ptr + 46 <= cdOffset + cdSize && seen < totalEntries) {
-                const sig = r32(buf, ptr);
-                if (sig !== SIG_CEN)
-                    break; // stop if structure breaks
-                const compSize = r32(buf, ptr + 20);
-                const uncSize = r32(buf, ptr + 24);
+                if (r32(buf, ptr) !== SIG_CEN)
+                    break;
+                const cdCompSize = r32(buf, ptr + 20);
                 const fnLen = r16(buf, ptr + 28);
                 const exLen = r16(buf, ptr + 30);
                 const cmLen = r16(buf, ptr + 32);
-                const nameStart = ptr + 46;
-                const nameEnd = nameStart + fnLen;
+                const lfhOffset = r32(buf, ptr + 42);
+                const nameEnd = ptr + 46 + fnLen;
                 if (nameEnd > buf.length)
                     break;
-                const name = buf.toString("utf8", nameStart, nameEnd);
-                sumComp += compSize;
-                sumUnc += uncSize;
+                const name = buf.toString("utf8", ptr + 46, nameEnd);
                 seen++;
+                lfhIndex.push({ lfhOffset, cdCompSize });
                 if (name.length > cfg.maxEntryNameLength) {
                     matches.push({
                         rule: "zip_entry_name_too_long",
@@ -1133,48 +1170,67 @@ function createZipBombGuard(opts = {}) {
                 if (hasTraversal(name)) {
                     matches.push({ rule: "zip_path_traversal_entry", severity: "medium", meta: { name } });
                 }
-                // move to next entry
                 ptr = nameEnd + exLen + cmLen;
             }
             if (seen !== totalEntries) {
-                // central dir truncated/odd, still report what we found
                 matches.push({
                     rule: "zip_cd_truncated",
                     severity: "medium",
                     meta: { seen, totalEntries },
                 });
             }
-            // Heuristics thresholds
             if (seen > cfg.maxEntries) {
                 matches.push({
                     rule: "zip_too_many_entries",
                     severity: "medium",
                     meta: { seen, limit: cfg.maxEntries },
                 });
+                // Return early — decompressing thousands of entries would be a DoS vector
+                return matches;
             }
-            if (sumUnc > cfg.maxTotalUncompressedBytes) {
-                matches.push({
-                    rule: "zip_total_uncompressed_too_large",
-                    severity: "medium",
-                    meta: { totalUncompressed: sumUnc, limit: cfg.maxTotalUncompressedBytes },
-                });
-            }
-            if (sumComp === 0 && sumUnc > 0) {
-                matches.push({
-                    rule: "zip_suspicious_ratio",
-                    severity: "medium",
-                    meta: { ratio: Infinity },
-                });
-            }
-            else if (sumComp > 0) {
-                const ratio = sumUnc / Math.max(1, sumComp);
-                if (ratio >= cfg.maxCompressionRatio) {
-                    matches.push({
-                        rule: "zip_suspicious_ratio",
-                        severity: "medium",
-                        meta: { ratio, limit: cfg.maxCompressionRatio },
-                    });
+            // ── 3. True streaming decompression — archive bomb detection ────────────
+            // For every DEFLATE entry (method=8) we feed the raw compressed bytes into
+            // zlib.createInflateRaw() and count the bytes that come OUT.  We abort the
+            // moment any limit fires; we NEVER trust the header-reported uncompressed
+            // size for the ratio decision.
+            //
+            // For STORED entries (method=0) compressed == uncompressed by spec, so the
+            // byte count is immediate.
+            let totalDecompressed = 0;
+            for (const { lfhOffset, cdCompSize } of lfhIndex) {
+                if (lfhOffset + 30 > buf.length)
+                    continue;
+                if (r32(buf, lfhOffset) !== SIG_LFH)
+                    continue;
+                const gpbf = r16(buf, lfhOffset + 6);
+                const method = r16(buf, lfhOffset + 8);
+                let lfhCompSz = r32(buf, lfhOffset + 18);
+                const fnLen = r16(buf, lfhOffset + 26);
+                const exLen = r16(buf, lfhOffset + 28);
+                const dataOff = lfhOffset + 30 + fnLen + exLen;
+                // If the data-descriptor flag is set (GPBF bit 3), the LFH sizes are 0.
+                // Fall back to the CD size purely for navigation — not for bomb detection.
+                if ((gpbf & 0x08) !== 0 && lfhCompSz === 0) {
+                    lfhCompSz = cdCompSize;
+                }
+                if (dataOff + lfhCompSz > buf.length)
+                    continue; // truncated entry — skip
+                if (method === 8 /* DEFLATE */) {
+                    const compressed = buf.slice(dataOff, dataOff + lfhCompSz);
+                    const { decompressed, bombed } = await streamInflate(compressed, cfg.maxPerEntryUncompressedBytes, cfg.maxTotalUncompressedBytes, totalDecompressed, cfg.maxCompressionRatio);
+                    if (bombed)
+                        throw makeBombError();
+                    totalDecompressed += decompressed;
+                }
+                else if (method === 0 /* STORED */) {
+                    // Compressed == uncompressed for stored entries
+                    if (lfhCompSz > cfg.maxPerEntryUncompressedBytes)
+                        throw makeBombError();
+                    totalDecompressed += lfhCompSz;
+                    if (totalDecompressed > cfg.maxTotalUncompressedBytes)
+                        throw makeBombError();
                 }
+                // Other methods (bzip2=12, lzma=14, zstd=93, …) — skip; no built-in support
             }
             return matches;
         },