[bug?] Error with unpacking some AES-encrypted archives

[DrShark]

From russian forum:
TC 7.5x cannot unpack some AES-encrypted archives.
Samples:
AES128.zip
AES192.zip
AES256.zip
Password: 1234567890
WinRAR 3.80 works with them just fine.
Original report on russian forum (google translate)

[ghisler(Author)]

I can confirm that TC cannot unpack these files - they probably don't follow the ZIP standard exactly. Any idea what program created them?

[DrShark]

It mentioned in the russian thread - 1С:Предприятие 8.1

[karlchen]

Hello, DrShark.

"1C" is the name of the leading Russian warehousing and finance software. Correct?

Anyway. 7ZIP 4.65 does extract the encrypted file from all 3 encrypted ZIP files.

<?xml version="1.0" encoding="UTF-8"?>
<xmldata><goods>
<good code="1" name="name1"/>
<good code="2" name="name2"/>
<good code="3" name="name3"/>
</goods><barcodes>
<barcode code="1" value="value1"/>
<barcode code="2" value="value2"/>
<barcode code="3" value="value3"/>
</barcodes>
</xmldata>

Any idea perhaps whose ZIP libraries the 1C guys are using?

Kind regards,
Karl

[DrShark]

Hello, DrShark.

"1C" is the name of the leading Russian warehousing and finance software. Correct?

Yes.

Any idea perhaps whose ZIP libraries the 1C guys are using?

I don't have any of their software installed...

[karlchen]

I don't have any of their software installed...

I did not expect you to run it on your private machine. I don't.

Karl

[ghisler(Author)]

I could confirm the error now, and also find the reason: The zip doesn't store the packed size in the local header, and TC doesn't manage to get the 10 byte checksum correctly in this case. I will fix it in beta 7. Thanks for your report!

[Postkutscher]

With the correct password ( 1234567890 ) seems to work , but with other - crash!

---------------------------
Total Commander 7.50PB7 pre1
---------------------------
Access violation at address 10008590. Read of address 00133000.

Please report this error to the Author, with a description
of what you were doing when this error occurred!

Windows exception: C0000005
Stack trace:
10008590
482E42 4873ED 487EC5 4880E9 5AEB51 5A02AD
5A1C78 5A4383 4D2E27 511D1E 50391A 4445EF
441BE1 4431B9 443B11 >413E90 4430F7 413E90
41950F 69A32F
Raw:
47E874 482E42 4873ED 443E7B 441BE1 443DD1
431ACF 443B11 443B34 413E90 6970F7 6748F0
413E90 6970F7 6748F0 413E90 43A903 43AA42
431EFE 441BE1 443DD1 431ACF 4431B9 441B1F
443EB6 444379 441BE1 443DD1 443065 696C02
658E4B 443E7B 441BE1 443DD1 4431B9 443B11
443B34 413E90 4430F7 413E90 696C02 658E4B
445533 467962 4679CF 696F71 669FCF 443E7B
441BE1 443DD1 43341D 4431B9 5F002E 443B34
413E90 4430F7 413E90 65C638 6679E6 5D575A

Press Ctrl+C to copy this report!
Continue execution?
---------------------------
Да Нет
---------------------------

TC7.5PB7 under WinXP SP3

[karlchen]

Hello, Postkutscher.

What exactly did you do to get a crash?
As long as I keep entering incorrect passwords T.C. 7.50 pb7 will keep on prompting me for a different password until
+ Cancel is selected
+ the correct password has been entered.

No crash here:
+ Total Commander 7.50 pb7 (file dates 16.07.2009)
+ Windows XP Prof, SP2, 32bit, ger

Kind regards,
Karl

[Postkutscher]

Hello, Postkutscher.

What exactly did you do to get a crash?

1. Enter into one of archives from the first post
2. F3 on xmldata.xml
3. Type 123
4. Press enter
5. I`m asked for overwriting of existing file in the temp directory. Confirm overwriting.
6 Crash!

Here is the second example http://translate.google.com/translate?js=y&prev=_t&hl=ru&ie=UTF-8&u=http%3A%2F%2Fforum.wincmd.ru%2Fviewtopic.php%3Ft%3D12380&sl=ru&tl=en&history_state0=

[karlchen]

Hi, Postkutscher.

I still do not quite understand the steps, or to be precise 3. to 5.

Whenever I enter "123" as the password or any other invalid password - the correct one is 1234567890 as I know from the initial post - T.C. 7.50 pb7 will keep on asking me to enter the correct password.

So I never get to step 5.

As soon as I enter the correct password, the file xmldata.xml is opened inside the T.C. lister and no crash will occur.

As long as I keep on entering incorrect passwords T.C. cannot be bothered to open the xmldata.xml file. In case I press Cancel, the game is over, but no crash will occur.

Kind regards,
Karl

[karlchen]

Hi, Postkutscher.

I guess I may have found the T.C. parameter which is responsible for the crash:

[Packer]
OpenPartial=1

By default, OpenPartial=0 will be set here and there will be no crash.
Having set OpenPartial=1 and restarted T.C., I can reproduce the crash:
+ I must have opened (and closed) xmldata.xml successfully once
+ Entering an incorrect password next time will produce the crash.

Kind regards,
Karl

[ghisler(Author)]

I can reproduce the new error, thanks! It's completely unrelated to the first error, though...

[karlchen]

Hello, Christian.

I can reproduce the new error, thanks! It's completely unrelated to the first error, though...

I suspected this new crash were unrelated to that initial problem. It does not depend on the non-standard AES header of the ZIP file.
It is the attempt to OpenPartial which causes the crash in case the ZIP file is encrypted and an incorrect password has been entered.

Kind regards,
Karl

[karlchen]

Hello, Christian.

Using Total Commander 7.50 pb8 I can no longer reproduce the second type of crash which had been related to the parameter OpenPartial=1.

Total Commander 7.50 PB8
Windows XP Prof SP2, 32bit

Seems as if this problem has been fixed.

Kind regards,
Karl