Another Implode bug in old PKZIP software

In a previous post, I discussed an old PKZIP bug related to the compression method named “Implode”. I’ll call that bug the “MML bug”, for “Minimum Match Length”.

In this post, I’ll discuss another old PKZIP bug related to Implode compression, mainly just to distinguish it from that one. I’ll use some terminology from my previous post.

To help with the investigation, I used an old DOS program named PAK (search for PAK251.EXE). PAK mainly handles ARC files, but it supports ZIP format as well. Here are some excerpts from its documentation:

There are 12 compression types, [...]
  imploded Huffman/Sliding Window, PKZIP 1.0 and later.
  Imploded Huffman/Sliding Window, PKZip 1.1 and later.

Version 1.01 PKUNZIP had bugs in it. PAK compensate for these
when creating a ZIP archive, but this may hurt compression on some
files. If you want to create a file that PKUNZIP 1.01 can read, you
must include the BUGS option:

  PAK c [...] /bugs

Options: [...]
  /z = make ZIP 1.10 compatible archive (Imploded).
  /bugs = make ZIP 1.01 compatible archive.

It’s not talking about the MML bug. This is something different.

As indicated, PAK has two relevant ZIP compression modes: /z and /bugs. I tested them, and noted some things:

  • Both /z and /bugs seem to only ever use the i8:3 mode of Implode. This mode is not relevant to the MML bug.
  • As advertised, /z usually produces smaller files than /bugs.
  • ZIP files made with /bugs seem to be compatible with all versions of PKZIP that support Implode, not just 1.0x.
  • ZIP files made with /z are marked as requiring version 1.1 or higher. As a result, PKZIP versions 1.01 and 1.02 won’t even try to decompress them.

I took a file compressed with /z, and hex-edited it to change the “version required” label from 1.1 to 1.0. PKZIP 1.01 tried and failed to decompress the resulting file. PKZIP 1.02 successfully decompressed it.

I tried to figure out the difference between the “/bugs” files and the “/z” files, but it seems to be too technical for me. At least, it would take way more effort than it’s worth. All I can really tell is that the “literal” Huffman tree is quite different. That’s the tree that is only present in the “:3” compression modes: i4:3 and i8:3.

So, what I think is that PKZIP 1.01 has a bug in which it fails to decompress some files that use the i8:3 compression mode. The i4:3 mode may be affected as well, but that mode is already broken by the MML bug. The problematic files are presumably valid according to the specification. I don’t know whether PKZIP 1.01 itself ever produces such files — my best guess is that it does not.

The bug was fixed in PKZIP 1.02. Note that the MML bug was not fixed until version 1.10.

PKZIP 1.02’s documentation says that the 1.02 release is “a minor bug fix for version 1.01”. It goes on to list some bugs and issues that were fixed, but does not appear to mention this Implode bug.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s