forcepoint #5 check for short read

a zip file within a structured storage stream. underlying storage stream claims larger size that it can satisfy on read Change-Id: I8516b12df33ad78b2525192826f5e3aef2622eb8 Reviewed-on: https://gerrit.libreoffice.org/50240 Reviewed-by: Michael Stahl <mstahl@redhat.com> Tested-by: Jenkins <ci@libreoffice.org>
author: Caolán McNamara <caolanm@redhat.com> 2018-02-23 12:53:34 +0000
committer: Caolán McNamara <caolanm@redhat.com> 2018-02-23 15:30:38 +0100
commit: 942e23ac0cf885c8d26884fa1fb17d430f42a5f5 (patch)
tree: 6fc5ed89de97f377a1f248503aff9c54c5c89c1d
parent: bb787afc61a8827e3840e892e2adb525df4df2cd (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
index cb85ecd655ae..41846dc85f29 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -802,11 +802,14 @@ sal_Int32 ZipFile::findEND()
         nEnd = nPos >= 0 ? nPos : 0 ;
 
         aGrabber.seek( nEnd );
-        aGrabber.readBytes ( aBuffer, nLength - nEnd );
+
+        auto nSize = nLength - nEnd;
+        if (nSize != aGrabber.readBytes(aBuffer, nSize))
+            throw ZipException("Zip END signature not found!" );
 
         const sal_Int8 *pBuffer = aBuffer.getConstArray();
 
-        nPos = nLength - nEnd - ENDHDR;
+        nPos = nSize - ENDHDR;
         while ( nPos >= 0 )
         {
             if (pBuffer[nPos] == 'P' && pBuffer[nPos+1] == 'K' && pBuffer[nPos+2] == 5 && pBuffer[nPos+3] == 6 )
author	Caolán McNamara <caolanm@redhat.com>	2018-02-23 12:53:34 +0000
committer	Caolán McNamara <caolanm@redhat.com>	2018-02-23 15:30:38 +0100
commit	942e23ac0cf885c8d26884fa1fb17d430f42a5f5 (patch)
tree	6fc5ed89de97f377a1f248503aff9c54c5c89c1d
parent	bb787afc61a8827e3840e892e2adb525df4df2cd (diff)