Overview

File CVE-2018-7725.patch of Package zziplib.35221

Index: zziplib-0.13.67/zzip/memdisk.c
===================================================================
--- zziplib-0.13.67.orig/zzip/memdisk.c
+++ zziplib-0.13.67/zzip/memdisk.c
@@ -210,6 +210,14 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
     item->zz_filetype = zzip_disk_entry_get_filetype(entry);
 
     /*
+     * If zz_data+zz_csize exceeds the size of the file, bail out
+     */
+    if ((item->zz_data + item->zz_csize) < disk->buffer ||
+	(item->zz_data + item->zz_csize) >= disk->endbuf)
+    {
+	goto error;
+    }
+    /*
      * If the file is uncompressed, zz_csize and zz_usize should be the same
      * If they are not, we cannot guarantee that either is correct, so ...
      */
openSUSE Build Service is sponsored by
Places