From 9621ee047a66a0e78979ed215f5f4d3b520c628b Mon Sep 17 00:00:00 2001
From: Dieter Baron <dillo@nih.at>
Date: Wed, 21 Aug 2024 14:36:56 +0200
Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20treat=20truncated=20archive=20c?=
 =?UTF-8?q?omment=20as=20error=20when=20not=20checking=20consistency.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/zip_open.c                          | 13 +++++++++----
 regress/open_archive_comment_wrong.test | 10 ++++++++++
 2 files changed, 19 insertions(+), 4 deletions(-)
 create mode 100644 regress/open_archive_comment_wrong.test

diff --git a/lib/zip_open.c b/lib/zip_open.c
index f3feb2d0e..6b3c291fc 100644
--- a/lib/zip_open.c
+++ b/lib/zip_open.c
@@ -364,10 +364,15 @@ static bool _zip_read_cdir(zip_t *za, zip_buffer_t *buffer, zip_uint64_t buf_off
         _zip_buffer_set_offset(buffer, eocd_offset + EOCDLEN);
         tail_len = _zip_buffer_left(buffer);
 
-        if (tail_len < comment_len || ((za->open_flags & ZIP_CHECKCONS) && tail_len != comment_len)) {
-            zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_COMMENT_LENGTH_INVALID);
-            _zip_cdir_free(cd);
-            return true;
+        if (tail_len != comment_len) {
+            if (za->open_flags & ZIP_CHECKCONS) {
+                zip_error_set(error, ZIP_ER_INCONS, ZIP_ER_DETAIL_COMMENT_LENGTH_INVALID);
+                _zip_cdir_free(cd);
+                return true;
+            }
+            if (tail_len < comment_len) {
+                comment_len = tail_len;
+            }
         }
 
         if (comment_len) {
diff --git a/regress/open_archive_comment_wrong.test b/regress/open_archive_comment_wrong.test
new file mode 100644
index 000000000..d8affa82c
--- /dev/null
+++ b/regress/open_archive_comment_wrong.test
@@ -0,0 +1,10 @@
+# zip_open: file with wrong archive comment lentgh, no consistency check: opens fine
+program tryopen
+arguments incons-archive-comment-longer.zip incons-archive-comment-shorter.zip
+return 0
+file incons-archive-comment-longer.zip incons-archive-comment-longer.zip
+file incons-archive-comment-shorter.zip incons-archive-comment-shorter.zip
+stdout
+opening 'incons-archive-comment-longer.zip' succeeded, 1 entries
+opening 'incons-archive-comment-shorter.zip' succeeded, 1 entries
+end-of-inline-data