Merge pull request #36118 from bdach/zip-magic

peppy · web-flow · commit 64d16776be05 · 2025-12-25T02:29:18.000+09:00
diff --git a/osu.Game/Utils/ZipUtils.cs b/osu.Game/Utils/ZipUtils.cs
@@ -23,9 +23,15 @@ public static bool IsZipArchive(MemoryStream stream)
                         {
                         }
                     }
-                }
 
-                return true;
+                    // aside from opening every zip entry not failing, we also require there to *be* at least one entry.
+                    // if there are no entries, the best case is that it's an actual empty zip
+                    // and as such probably useless to whatever wants to use it later.
+                    // the worst case is that it's actually *not* a zip and instead a stream of binary
+                    // which *accidentally* happened to contain the magic sequence of bytes for the zip header (50 4b 05 06),
+                    // and if that's the case, then we are *misclassifying* it as a zip by returning `true` unconditionally.
+                    return arc.Entries.Count > 0;
+                }
             }
             catch (Exception)
             {
@@ -52,9 +58,15 @@ public static bool IsZipArchive(string path)
                         {
                         }
                     }
-                }
 
-                return true;
+                    // aside from opening every zip entry not failing, we also require there to *be* at least one entry.
+                    // if there are no entries, the best case is that it's an actual empty zip
+                    // and as such probably useless to whatever wants to use it later.
+                    // the worst case is that it's actually *not* a zip and instead a stream of binary
+                    // which *accidentally* happened to contain the magic sequence of bytes for the zip header (50 4b 05 06),
+                    // and if that's the case, then we are *misclassifying* it as a zip by returning `true` unconditionally.
+                    return arc.Entries.Count > 0;
+                }
             }
             catch (Exception)
             {

Original file line number	Diff line number	Diff line change
`@@ -23,9 +23,15 @@ public static bool IsZipArchive(MemoryStream stream)`
`23`	`23`	`{`
`24`	`24`	`}`
`25`	`25`	`}`
`26`		`- }`
`27`	`26`
`28`		`- return true;`
	`27`	`+ // aside from opening every zip entry not failing, we also require there to be at least one entry.`
	`28`	`+ // if there are no entries, the best case is that it's an actual empty zip`
	`29`	`+ // and as such probably useless to whatever wants to use it later.`
	`30`	`+ // the worst case is that it's actually not a zip and instead a stream of binary`
	`31`	`+ // which accidentally happened to contain the magic sequence of bytes for the zip header (50 4b 05 06),`
	`32`	+ // and if that's the case, then we are misclassifying it as a zip by returning `true` unconditionally.
	`33`	`+ return arc.Entries.Count > 0;`
	`34`	`+ }`
`29`	`35`	`}`
`30`	`36`	`catch (Exception)`
`31`	`37`	`{`
`@@ -52,9 +58,15 @@ public static bool IsZipArchive(string path)`
`52`	`58`	`{`
`53`	`59`	`}`
`54`	`60`	`}`
`55`		`- }`
`56`	`61`
`57`		`- return true;`
	`62`	`+ // aside from opening every zip entry not failing, we also require there to be at least one entry.`
	`63`	`+ // if there are no entries, the best case is that it's an actual empty zip`
	`64`	`+ // and as such probably useless to whatever wants to use it later.`
	`65`	`+ // the worst case is that it's actually not a zip and instead a stream of binary`
	`66`	`+ // which accidentally happened to contain the magic sequence of bytes for the zip header (50 4b 05 06),`
	`67`	+ // and if that's the case, then we are misclassifying it as a zip by returning `true` unconditionally.
	`68`	`+ return arc.Entries.Count > 0;`
	`69`	`+ }`
`58`	`70`	`}`
`59`	`71`	`catch (Exception)`
`60`	`72`	`{`