tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix out of bound access in libziparchive am: 1ee4892e66 am: c24dd97654

Browse source 
am: 8788591224

Change-Id: I2f0ca98c74f23b1125f29b1eaf810143a83754b4
This commit is contained in:
Tianjie Xu 2016-10-07 00:11:29 +00:00 committed by android-build-merger
commit 167562aa76
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
libziparchive/zip_archive.cc
View file

@ -463,9 +463,14 @@ static int32_t MapCentralDirectory0(int fd, const char* debug_file_name,
* Grab the CD offset and size, and the number of entries in the
* archive and verify that they look reasonable.
*/
if (eocd->cd_start_offset + eocd->cd_size > eocd_offset) {
if (static_cast<off64_t>(eocd->cd_start_offset) + eocd->cd_size > eocd_offset) {
ALOGW("Zip: bad offsets (dir %" PRIu32 ", size %" PRIu32 ", eocd %" PRId64 ")",
eocd->cd_start_offset, eocd->cd_size, static_cast<int64_t>(eocd_offset));
#if defined(__ANDROID__)
if (eocd->cd_start_offset + eocd->cd_size <= eocd_offset) {
android_errorWriteLog(0x534e4554, "31251826");
}
#endif
return kInvalidOffset;
}
if (eocd->num_records == 0) {