MobileRead Forums
Register Guidelines E-Books Today's Posts Search

Go Back   MobileRead Forums > E-Book Software > Sigil
Reload this Page Error when ePub containt a relatif path archive name

Notices

Reply
 
Thread Tools Search this Thread
Old 01-21-2022, 06:44 AM   #1
un_pogaz
Chalut o/
un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.un_pogaz understands the importance of being earnest.
 
un_pogaz's Avatar
 
Posts: 439
Karma: 145424
Join Date: Dec 2017
Device: Kobo
Error when ePub containt a relatif path archive name
Sigil can't load the ePub when they contain a relative path:
Code:
Possible evil or corrupt epub file name: OEBPS/../images/cover.jpg
The attached ePub is also the worst case, because it contains the same file with a valid file (but only the relative path is buggy, not the duplicate entry).

It's rare, and I'm sure in some cases the error is valid and nothing can be done (when you exit the archive for example).

PS: the bug is old. Ironically it was "quite" easy to find a ePub with this : The "Quick start guide for Calibre" 4e edition -by John Schember.
Attached Files
File Type: epub ERROR load relatif path.epub (95.8 KB, 100 views)
un_pogaz is offline   Reply With Quote
Old 01-21-2022, 09:07 AM   #2
KevinH
Sigil Developer
KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.
 
Posts: 8,759
Karma: 5706256
Join Date: Nov 2009
Device: many
Not an error in Sigil. Sigil will not load files outside the root path of the epub by design. No upward relative paths are needed in any epub. This is an attack vector that can be used to craft a malicious epub to overwrite system files. There was actually a CVE/security bug filed against Sigil (and "minizip") to prevent loading such epubs/zips.

Google "zip slip attack" for more details.

If you are 100% sure the epub has not been tampered with then manually unpack it and use AddExisting to add its pieces in proper form.
Last edited by KevinH; 01-21-2022 at 12:03 PM.
KevinH is online now   Reply With Quote
Advert
Reply

« Previous Thread | Next Thread »

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PRS-350 About the epub custom font path And how to know the path? 52manhua Sony Reader Dev Corner 6 12-20-2013 01:28 AM
"Error importing EPUB. EOCD not found. Not a ZIP archive? (Error Code 1068)" oren ePub 8 02-20-2012 07:20 AM
"Error importing EPUB. EOCD not found. Not a ZIP archive? (Error Code 1068)" oren Android Devices 1 02-20-2012 04:10 AM


All times are GMT -4. The time now is 04:31 PM.

Contact Us - FAQ - Guidelines - Privacy - Top

MobileRead.com is a privately owned, operated and funded community.