Permalink
Browse files

Sanity checks for broken length records in zipfiles

This regards kunzip only. libzip has a much better handling of broken
files. libzip should have been become default a long time ago.

Fixes #7
  • Loading branch information...
dstosberg committed Jul 19, 2015
1 parent 426d4e3 commit edd090c7920fcc3b8e49b4b6d10d126a9f7a82bc
Showing with 13 additions and 0 deletions.
  1. +13 −0 kunzip/zipfile.c
View
@@ -66,10 +66,23 @@ int read_zip_header(FILE *in,
local_file_header->last_mod_file_time = read_word(in);
local_file_header->last_mod_file_date = read_word(in);
local_file_header->crc_32 = read_int(in);
local_file_header->compressed_size = read_int(in);
if (local_file_header->uncompressed_size < 1)
return -1;
local_file_header->uncompressed_size = read_int(in);
if (local_file_header->uncompressed_size < 1)
return -1;
local_file_header->file_name_length = read_word(in);
if (local_file_header->file_name_length < 1)
return -1;
local_file_header->extra_field_length = read_word(in);
if (local_file_header->extra_field_length < 1)
return -1;
local_file_header->descriptor_length = 0;
/* if the 4th bit in the general_purpose_bit_flag is set,

0 comments on commit edd090c

Please sign in to comment.