package/source/zipapi/ZipFile.cxx |    6 ++++++
 1 file changed, 6 insertions(+)

New commits:
commit 1b3b2e6b1b7080d04fc66c90918423c0373a7a4d
Author:     Caolán McNamara <caol...@redhat.com>
AuthorDate: Tue Apr 25 12:33:26 2023 +0100
Commit:     Aron Budea <aron.bu...@collabora.com>
CommitDate: Tue May 2 06:31:10 2023 +0200

    tdf#155005 fail gracefully on encountering a negative compression value
    
    we are using sal_Int64 for this so a large enough value can be
    interpreted as negative here
    
    Change-Id: Id547a24591aca4b6ed7b7955621641a0666b0bd5
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150968
    Tested-by: Caolán McNamara <caol...@redhat.com>
    Reviewed-by: Caolán McNamara <caol...@redhat.com>
    (cherry picked from commit 80805716a409c34203b059f3e03cd934367186c3)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150976
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    Reviewed-by: Aron Budea <aron.bu...@collabora.com>

diff --git a/package/source/zipapi/ZipFile.cxx 
b/package/source/zipapi/ZipFile.cxx
index 862ac7a78250..f3851401bb0a 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -1274,6 +1274,12 @@ bool ZipFile::checkSizeAndCRC( const ZipEntry& aEntry )
     if( aEntry.nMethod == STORED )
         return ( getCRC( aEntry.nOffset, aEntry.nSize ) == aEntry.nCrc );
 
+    if (aEntry.nCompressedSize < 0)
+    {
+        SAL_WARN("package", "bogus compressed size of: " << 
aEntry.nCompressedSize);
+        return false;
+    }
+
     getSizeAndCRC( aEntry.nOffset, aEntry.nCompressedSize, &nSize, &nCRC );
     return ( aEntry.nSize == nSize && aEntry.nCrc == nCRC );
 }
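Review bot: The STORED branch sits above the new guard and still passes `aEntry.nSize` to `getCRC` unchecked, so only the compressed path rejects a negative size. If `nSize` is also a sal_Int64 read from the archive (its declaration is not visible here), a malformed STORED entry would presumably reach `getCRC` with a negative length. Consider hoisting the check above the `STORED` test and covering both fields, e.g. `if (aEntry.nCompressedSize < 0 || aEntry.nSize < 0)`, keeping the existing `SAL_WARN` and `return false`. The start of `checkSizeAndCRC` and the bodies of `getCRC`/`getSizeAndCRC` lie outside the hunk, so whether those helpers bound the length themselves cannot be confirmed from this diff.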
