coverity#1242675 Untrusted value as argument

Change-Id: I1d8f32095f297919dc3ccab51093295f8c31707d

1 files changed, 9 insertions, 4 deletions

diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
index cd4ed2e7491f..bb178f5a8ef5 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -660,11 +660,16 @@ bool ZipFile::readLOC( ZipEntry &rEntry )
 
     try
     {
+        sal_Int16 nPathLenToRead = nPathLen;
+        const sal_Int64 nBytesAvailable = aGrabber.getLength() - aGrabber.getPosition();
+        if (nPathLenToRead > nBytesAvailable)
+            nPathLenToRead = nBytesAvailable;
+
         // read always in UTF8, some tools seem not to set UTF8 bit
-        uno::Sequence < sal_Int8 > aNameBuffer( nPathLen );
-        sal_Int32 nRead = aGrabber.readBytes( aNameBuffer, nPathLen );
-        if ( nRead < aNameBuffer.getLength() )
-                aNameBuffer.realloc( nRead );
+        uno::Sequence<sal_Int8> aNameBuffer(nPathLenToRead);
+        sal_Int32 nRead = aGrabber.readBytes(aNameBuffer, nPathLenToRead);
+        if (nRead < aNameBuffer.getLength())
+            aNameBuffer.realloc(nRead);
 
         OUString sLOCPath = OUString::intern( (sal_Char *) aNameBuffer.getArray(),
                                                           aNameBuffer.getLength(),