From a9d7f80cc68a1bbf3ab082f761f95cefc47aa3e7 Mon Sep 17 00:00:00 2001 From: Eli Kobrin Date: Fri, 20 May 2022 16:30:15 +0300 Subject: [PATCH] Fix integer overflow in header corruption check. --- miniz_zip.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miniz_zip.c b/miniz_zip.c index 57e5fad..235cab6 100644 --- a/miniz_zip.c +++ b/miniz_zip.c @@ -723,7 +723,7 @@ static mz_bool mz_zip_reader_read_central_dir(mz_zip_archive *pZip, mz_uint flag if (((num_this_disk | cdir_disk_index) != 0) && ((num_this_disk != 1) || (cdir_disk_index != 1))) return mz_zip_set_error(pZip, MZ_ZIP_UNSUPPORTED_MULTIDISK); - if (cdir_size < pZip->m_total_files * MZ_ZIP_CENTRAL_DIR_HEADER_SIZE) + if (cdir_size < (mz_uint64)pZip->m_total_files * MZ_ZIP_CENTRAL_DIR_HEADER_SIZE) return mz_zip_set_error(pZip, MZ_ZIP_INVALID_HEADER_OR_CORRUPTED); if ((cdir_ofs + (mz_uint64)cdir_size) > pZip->m_archive_size)