Overview

File CVE-2023-52169.patch of Package p7zip.34729

Index: b/CPP/7zip/Archive/NtfsHandler.cpp
===================================================================
--- a/CPP/7zip/Archive/NtfsHandler.cpp
+++ b/CPP/7zip/Archive/NtfsHandler.cpp
@@ -258,8 +258,8 @@ bool CFileNameAttr::Parse(const Byte *p,
   G32(p + 0x38, Attrib);
   // G16(p + 0x3C, PackedEaSize);
   NameType = p[0x41];
-  unsigned length = p[0x40];
-  if (0x42 + length > size)
+  const unsigned length = p[0x40];
+  if (0x42 + length * 2 > size)
     return false;
   GetString(p + 0x42, length, Name);
   return true;
openSUSE Build Service is sponsored by
Places