Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

nih-at/libzip
main @ fdb9512
22
Fixes
0
CVEs
HIGH
Peak severity
Highlights
Integer Overflow: 13 prior fixes. Scrutinize any change in this area.
lib/zip_open.c: most-fixed (4 issues). Treat as high-risk during review.
10 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Integer Overflow: Integer overflows in directory entry size calculations can lead to undersized memory allocations via malloc and subsequent heap-based buffer corruption. This has been a recurring pattern when parsing maliciously constructed central directory headers.
Integer Overflow: Parsing of corrupt central directories has historically suffered from signedness mismatch and underflow issues, leading to out-of-bounds reads and memory safety violations. Strict casting and loop conditions must be enforced during index/offset calculation.
Time-of-Check to Time-of-Use (TOCTOU): Using path-based chmod operations on temporary files creates a symlink race window where an attacker can redirect permissions modification to a sensitive system file. Operations must be constrained to the descriptor using fchmod.