Highlights
Integer Overflow: 13 prior fixes. Scrutinize any change in this area.
lib/zip_open.c: most-fixed (4 issues). Treat as high-risk during review.
10 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Integer Overflow: Integer overflows in directory entry size calculations can lead to undersized memory allocations via malloc and subsequent heap-based buffer corruption. This has been a recurring pattern when parsing maliciously constructed central directory headers.
Integer Overflow: Parsing of corrupt central directories has historically suffered from signedness mismatch and underflow issues, leading to out-of-bounds reads and memory safety violations. Strict casting and loop conditions must be enforced during index/offset calculation.
Time-of-Check to Time-of-Use (TOCTOU): Using path-based chmod operations on temporary files creates a symlink race window where an attacker can redirect permissions modification to a sensitive system file. Operations must be constrained to the descriptor using fchmod.