NanaZip icon indicating copy to clipboard operation
NanaZip copied to clipboard

Published 20 hours ago verified publisher icon M2Team

Difference in handling of ISOs compared to Windows

Open joegasper opened this issue 2 years ago • 2 comments

With the security related enhancements put into NanaZip, I just wanted to point out a recent issue in 7-zip and types of ISO files used to potentially deliver malware.

Incompatibility in handling of ISOs between 7-zip and Windows

Proof of concept ISO is provided. Opening the ISO in NanaZip, there are no files. Open the ISO with Windows Explorer, there is a single Example.txt file.

joegasper avatar Feb 06 '23 03:02 joegasper

Thank you. We need some time to research this issue before we fix that.

Kenji Mouri

MouriNaruto avatar Feb 15 '23 01:02 MouriNaruto

Uh oh, proof of concept iso is gone. Anyone has a backup?

Without knowing too much about what's going on, there can be a lot of weird things with an ISO -- like different filesystems coexisting (UDF Bridge / 9660 converted to UDF) -- and these can have different data.

Okay, found archive at https://web.archive.org/web/20230216063620/https://sourceforge.net/p/sevenzip/discussion/45797/thread/49f338068e/. Anyways, commented at the original post.

Artoria2e5 avatar May 06 '23 11:05 Artoria2e5