Overview

File CVE-2023-52169.patch of Package p7zip.34730

Index: b/CPP/7zip/Archive/NtfsHandler.cpp
===================================================================
--- a/CPP/7zip/Archive/NtfsHandler.cpp
+++ b/CPP/7zip/Archive/NtfsHandler.cpp
@@ -266,8 +266,8 @@ bool CFileNameAttr::Parse(const Byte *p,
   G32(p + 0x38, Attrib);
   // G16(p + 0x3C, PackedEaSize);
   NameType = p[0x41];
-  unsigned len = p[0x40];
-  if (0x42 + len > size)
+  const unsigned len = p[0x40];
+  if (0x42 + len * 2 > size)
     return false;
   if (len != 0)
     GetString(p + 0x42, len, Name);
openSUSE Build Service is sponsored by
Places