| --- a/extract.c |
| +++ b/extract.c |
| @@ -1,5 +1,5 @@ |
| /* |
| - Copyright (c) 1990-2009 Info-ZIP. All rights reserved. |
| + Copyright (c) 1990-2014 Info-ZIP. All rights reserved. |
| |
| See the accompanying file LICENSE, version 2009-Jan-02 or later |
| (the contents of which are also included in unzip.h) for terms of use. |
| @@ -298,6 +298,8 @@ char ZCONST Far TruncNTSD[] = |
| #ifndef SFX |
| static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ |
| EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; |
| + static ZCONST char Far TooSmallEBlength[] = "bad extra-field entry:\n \ |
| + EF block length (%u bytes) invalid (< %d)\n"; |
| static ZCONST char Far InvalidComprDataEAs[] = |
| " invalid compressed data for EAs\n"; |
| # if (defined(WIN32) && defined(NTSD_EAS)) |
| @@ -2023,7 +2025,8 @@ static int TestExtraField(__G__ ef, ef_l |
| ebID = makeword(ef); |
| ebLen = (unsigned)makeword(ef+EB_LEN); |
| |
| - if (ebLen > (ef_len - EB_HEADSIZE)) { |
| + if (ebLen > (ef_len - EB_HEADSIZE)) |
| + { |
| /* Discovered some extra field inconsistency! */ |
| if (uO.qflag) |
| Info(slide, 1, ((char *)slide, "%-22s ", |
| @@ -2158,11 +2161,19 @@ static int TestExtraField(__G__ ef, ef_l |
| } |
| break; |
| case EF_PKVMS: |
| - if (makelong(ef+EB_HEADSIZE) != |
| + if (ebLen < 4) |
| + { |
| + Info(slide, 1, |
| + ((char *)slide, LoadFarString(TooSmallEBlength), |
| + ebLen, 4)); |
| + } |
| + else if (makelong(ef+EB_HEADSIZE) != |
| crc32(CRCVAL_INITIAL, ef+(EB_HEADSIZE+4), |
| (extent)(ebLen-4))) |
| + { |
| Info(slide, 1, ((char *)slide, |
| LoadFarString(BadCRC_EAs))); |
| + } |
| break; |
| case EF_PKW32: |
| case EF_PKUNIX: |