diff options
author | Caolán McNamara <caolanm@redhat.com> | 2018-02-23 12:53:34 +0000 |
---|---|---|
committer | Caolán McNamara <caolanm@redhat.com> | 2018-02-23 15:30:38 +0100 |
commit | 942e23ac0cf885c8d26884fa1fb17d430f42a5f5 (patch) | |
tree | 6fc5ed89de97f377a1f248503aff9c54c5c89c1d | |
parent | bb787afc61a8827e3840e892e2adb525df4df2cd (diff) |
forcepoint #5 check for short read
a zip file within a structured storage stream. underlying storage stream
claims larger size that it can satisfy on read
Change-Id: I8516b12df33ad78b2525192826f5e3aef2622eb8
Reviewed-on: https://gerrit.libreoffice.org/50240
Reviewed-by: Michael Stahl <mstahl@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
-rw-r--r-- | package/source/zipapi/ZipFile.cxx | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index cb85ecd655ae..41846dc85f29 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -802,11 +802,14 @@ sal_Int32 ZipFile::findEND() nEnd = nPos >= 0 ? nPos : 0 ; aGrabber.seek( nEnd ); - aGrabber.readBytes ( aBuffer, nLength - nEnd ); + + auto nSize = nLength - nEnd; + if (nSize != aGrabber.readBytes(aBuffer, nSize)) + throw ZipException("Zip END signature not found!" ); const sal_Int8 *pBuffer = aBuffer.getConstArray(); - nPos = nLength - nEnd - ENDHDR; + nPos = nSize - ENDHDR; while ( nPos >= 0 ) { if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 5 && pBuffer[nPos+3] == 6 ) |