How to continue work on std.zip

Walter Bright newshound2 at digitalmars.com
Wed Oct 23 09:31:04 UTC 2019


On 10/23/2019 12:24 AM, berni44 wrote:
> That's allready done. std.zip meanwhile checks for overlapping data and rejects 
> any such file. Actually this (namely an issue you filed) was the reason, why I 
> started work on std.zip.

That's good!

> Some minor stuff, like path traversal attacks, remains though.

How about nailing all that stuff? Then you can put in the documentation for 
std.zip, with links to the zip bomb problems, that std.zip doesn't have those 
problems.

There's no reason not to do an std.zip that's better than anyone else's, 
especially when the problems are known.



More information about the Digitalmars-d mailing list