<code>(<nobr>int fd</nobr>,
<nobr>struct zzip_disk_trailer * trailer</nobr>,
<nobr>struct zzip_dir_hdr ** hdr_return</nobr>,
-<nobr>zzip_plugin_io_t io</nobr>)</code>
+<nobr>zzip_plugin_io_t io</nobr>,
+<nobr>zzip_off_t filesize</nobr>)</code>
</td></tr><tr valign="top">
<td valign="top"><code>ZZIP_DIR*
<code>(<nobr>int fd</nobr>,
<nobr>struct zzip_disk_trailer * trailer</nobr>,
<nobr>struct zzip_dir_hdr ** hdr_return</nobr>,
-<nobr>zzip_plugin_io_t io</nobr>)</code>
+<nobr>zzip_plugin_io_t io</nobr>,
+<nobr>zzip_off_t filesize</nobr>)</code>
</code></code><dt>
<dd><p> (../zzip/zip.c)
int __zzip_parse_root_directory(int fd,
struct _disk_trailer *trailer,
struct zzip_dir_hdr **hdr_return,
- zzip_plugin_io_t io);
+ zzip_plugin_io_t io,
+ zzip_off_t filesize);
_zzip_inline static char *__zzip_aligned4(char *p);
__zzip_parse_root_directory(int fd,
struct _disk_trailer *trailer,
struct zzip_dir_hdr **hdr_return,
- zzip_plugin_io_t io)
+ zzip_plugin_io_t io,
+ zzip_off_t filesize);
{
auto struct zzip_disk_entry dirent;
struct zzip_dir_hdr *hdr;
zzip_off64_t zz_rootseek = _disk_trailer_rootseek(trailer);
__correct_rootseek(zz_rootseek, zz_rootsize, trailer);
+ if (zz_rootsize <= 0 || zz_rootseek < 0 || zz_rootseek >= filesize)
+ return ZZIP_CORRUPTED;
+
if (zz_entries < 0 || zz_rootseek < 0 || zz_rootsize < 0)
return ZZIP_CORRUPTED;
(long) _disk_trailer_rootseek(&trailer));
if ((rv = __zzip_parse_root_directory(dir->fd, &trailer, &dir->hdr0,
- dir->io)) != 0)
+ dir->io, filesize)) != 0)
{ goto error; }
error:
return rv;
projects / zziplib / commitdiff