path: root/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch
From 9b46957ec98d85a572e9ef98301247f39338a3b5 Mon Sep 17 00:00:00 2001
From: Thomas Klausner <tk@giga.or.at>
Date: Tue, 29 Aug 2017 10:25:03 +0200
Subject: [PATCH] Make eocd checks more consistent between zip and zip64 cases.

---
 lib/zip_open.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/zip_open.c b/lib/zip_open.c
index 3bd593b..9d3a4cb 100644
--- a/lib/zip_open.c
+++ b/lib/zip_open.c
@@ -847,7 +847,12 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse
         zip_error_set(error, ZIP_ER_SEEK, EFBIG);
         return NULL;
     }
-    if ((flags & ZIP_CHECKCONS) && offset+size != eocd_offset) {
+    if (offset+size > buf_offset + eocd_offset) {
+	/* cdir spans past EOCD record */
+	zip_error_set(error, ZIP_ER_INCONS, 0);
+	return NULL;
+    }
+    if ((flags & ZIP_CHECKCONS) && offset+size != buf_offset + eocd_offset) {
 	zip_error_set(error, ZIP_ER_INCONS, 0);
 	return NULL;
     }
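Review bot: The new unconditional bound `if (offset+size > buf_offset + eocd_offset)` only holds if `offset+size` cannot wrap, and the check that would guarantee this is the EFBIG branch above it, whose condition lies outside this hunk. It is worth confirming that condition rejects a wrapping `offset+size`, because a wrapped left-hand side would pass this test with a central directory that actually extends past the EOCD64 record. A wrap of `buf_offset + eocd_offset` on the right-hand side would presumably fail closed, since it only makes the bound stricter. I would expand the comment to record both the precondition and why the check is not gated on the flag, e.g. `/* offset+size cannot wrap (checked above); cdir must end at or before the EOCD64 record, enforced even without ZIP_CHECKCONS */`. With this bound in place, the `ZIP_CHECKCONS` branch below only catches the case where the directory ends before the record, which also deserves a short comment; the body of `_zip_read_eocd64` starts and continues outside the hunk.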