From 7b057d429231de30b480291cd0851d4c8c90069f Mon Sep 17 00:00:00 2001 From: Armijn Hemel Date: Tue, 23 Dec 2025 20:53:16 +0100 Subject: [PATCH] add file with multiple entries that have the same name --- testdata/readme.samenameszip | 67 +++++++++++++++++++++++++++++++++++ testdata/same-names.zip | Bin 0 -> 304 bytes 2 files changed, 67 insertions(+) create mode 100644 testdata/readme.samenameszip create mode 100644 testdata/same-names.zip diff --git a/testdata/readme.samenameszip b/testdata/readme.samenameszip new file mode 100644 index 0000000..ab0dfff --- /dev/null +++ b/testdata/readme.samenameszip @@ -0,0 +1,67 @@ +# Multiple entries with the same name + +It is possible to have multiple entries in the same ZIP file, with different +properties, for example a copy of a file, and a link with the same name. It +is unclear how these conflicts should be resolved. + +A simple test script to add a file with the same entries: + +``` +#!/usr/bin/env python3 + +import zipfile + +z = zipfile.ZipInfo(4*'a') +contents = 10*b'c' +bla = zipfile.ZipFile('/tmp/same-names.zip', mode='w') +bla.writestr(z, contents) +bla.writestr(z, contents) +bla.writestr(z, contents) +bla.close() +``` + +This script adds a file called `aaaa` to an archive three times. When running +this script Python's `zipfile` module issues a warning: + +``` +$ python3 test.py +/usr/lib64/python3.10/zipfile.py:1519: UserWarning: Duplicate name: 'aaaa' + return self._open_to_write(zinfo, force_zip64=force_zip64) +``` + +but it will write the file with three files, as can be seen when running +`zipinfo`: + +``` +$ zipinfo same-names.zip +Archive: same-names.zip +Zip file size: 304 bytes, number of entries: 3 +?rw------- 2.0 unx 10 b- stor 80-Jan-01 00:00 aaaa +?rw------- 2.0 unx 10 b- stor 80-Jan-01 00:00 aaaa +?rw------- 2.0 unx 10 b- stor 80-Jan-01 00:00 aaaa +3 files, 30 bytes uncompressed, 30 bytes compressed: 0.0% +``` + +`unzip` refuses to unpack the file more than once, except when forced: + +``` +$ unzip same-names.zip +Archive: same-names.zip + extracting: aaaa +error: invalid zip file with overlapped components (possible zip bomb) + To unzip the file anyway, rerun the command with UNZIP_DISABLE_ZIPBOMB_DETECTION=TRUE environmnent variable +``` + +When the environment variable is set the user will be asked what to do (here +the `All` option was chosen): + +``` +$ UNZIP_DISABLE_ZIPBOMB_DETECTION=TRUE unzip same-names.zip +Archive: same-names.zip +replace aaaa? [y]es, [n]o, [A]ll, [N]one, [r]ename: A + extracting: aaaa + extracting: aaaa + extracting: aaaa +``` + +`p7zip` will also query the user whether to overwrite the files or not. diff --git a/testdata/same-names.zip b/testdata/same-names.zip new file mode 100644 index 0000000000000000000000000000000000000000..af0873fb256e5c74d37c0a0027ca8caa279eda4e GIT binary patch literal 304 zcmWIWW@Zs#fB;1X`*WfnxquuHW&z?vAV`LT0Gg>~WD;S