From 589f7fe7863ff01ab877908087c81e40a13a14a5 Mon Sep 17 00:00:00 2001
From: C-3PO <c-3po@jedipedia.net>
Date: Sun, 24 Jun 2018 02:13:10 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=A8=20Do=20not=20overwrite=20buffer=20?=
 =?UTF-8?q?during=20decryption?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/ssn/decryption/decryptFile.ts | 10 ++++++++--
 src/ssn/extractFile.ts            |  2 +-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/ssn/decryption/decryptFile.ts b/src/ssn/decryption/decryptFile.ts
index 3ece721..a9780fe 100644
--- a/src/ssn/decryption/decryptFile.ts
+++ b/src/ssn/decryption/decryptFile.ts
@@ -1,18 +1,24 @@
 import updateKeys from './updateKeys';
 
 export default function decryptFile(dv: DataView, length: number, [key0, key1, key2]: [number, number, number]) {
+  const decryptedBuffer = new ArrayBuffer(dv.byteLength - 12);
+  const dvOut = new DataView(decryptedBuffer);
+
   for (let i = 0; i < length; i += 1) {
     //read and decrypt byte
     let curChar = dv.getUint8(i);
     const keyPart = (key2 | 2) & 0xFFFF;
     const decryptedByte = (keyPart * (keyPart ^ 1)) >>> 8;
     curChar ^= decryptedByte & 0xFF;
-    dv.setUint8(i, curChar);
+    //Skip the first 12 bytes (random encryption header)
+    if (i >= 12) {
+      dvOut.setUint8(i - 12, curChar);
+    }
 
     //update keys
     [key0, key1, key2] = updateKeys([key0, key1, key2], curChar);
   }
 
   //If it was decrypted, we skip the first 12 bytes (random encryption header)
-  return new DataView(dv.buffer, 12, dv.byteLength - 12);
+  return dvOut;
 }
diff --git a/src/ssn/extractFile.ts b/src/ssn/extractFile.ts
index 67bd037..58b20d4 100644
--- a/src/ssn/extractFile.ts
+++ b/src/ssn/extractFile.ts
@@ -10,7 +10,7 @@ export default async function extractFile(file: ISsnFileEntry, dvArray: DataView
   //Use ByteReader for reading a uint8 and seeking forward across DataView boundaries
   const byteReader = new ByteReader(dvArray, file.diskNumberStart, file.offset);
 
-  //Local file header signature must be 0x04034B50
+  //Local file header signature
   if (byteReader.readUint32() !== 0x04034B50) {
     throw new Error('Local file header had wrong magic');
   }