I thinkstruct.unpack returns relative to the struct, and that will be atoffset - sizeEndCentDir64Locator (where it was read from). SEEK_SET / 0 isn't right asreloff is a relative position from where the struct was read, not an absolute position in the file.

Although the variable is namedreloff andthe spec states "relative offset of the zip64 end of central directory record" without specifying relative to what, in reality it's offset from the beginning of the file. See code which writes it

Also, the same in the libzip code:https://github.com/nih-at/libzip/blob/d0ebf7fa268ae2e59e575cb3a72e6bc259e3fdd8/lib/zip_open.c#L853

@cmaloney wdyt on renamingreloff, worth changing to e.g.eocd_offset?

Definitely would be clearer to me, but not sure it's worth the extra noise in the diff though / additional lines changed.

The offsets are complicated by data that may precede the start of the zip content which is why some of the tests are failing.reloff is the number of bytes from the start of the first local file header in the zip which may not be the actual start of the file. I can't think of a good way of directly computing the start of the zip64 end of record block if there's data preceding the start of the zip part of the file. Might have to do a bit of a search.

# Assume no 'zip64 extensible data'fpin.seek(offset-sizeEndCentDir64Locator-sizeEndCentDir64,2)data=fpin.read(sizeEndCentDir64)iflen(data)!=sizeEndCentDir64:returnendrecsig,sz,create_version,read_version,disk_num,disk_dir, \dircount,dircount2,dirsize,diroffset= \struct.unpack(structEndArchive64,data)ifsig!=stringEndArchive64:loc_pos=fpin.tell()# Seek to the earliest possible eocd64 startfpin.seek(reloff,0)# Read all the data between here and the eocd64 locatordata=fpin.read(loc_pos-reloff)start=data.rfind(stringEndArchive64)ifstart>=0andlen(data)-start>sizeEndCentDir64:sig,sz,create_version,read_version,disk_num,disk_dir, \dircount,dircount2,dirsize,diroffset= \struct.unpack(structEndArchive64,data[start:start+sizeEndCentDir64])ifsig!=stringEndArchive64:returnendrecelse:returnendrec

My code needs improvement asdata = fpin.read(loc_pos - reloff) might read a substantial amount of data if there's a big blob of data before the zip. It would also be a good idea to check that the sizes of the offsets are consistent with regards to:

• the zip64 end locator is actuallysz bytes from the position just after thesz field
• The position of thestringEndArchive64 signature found usingrfind is the same position as thestringEndArchive64 signature that is found directly after the central directory.