Protect for long name and extra fields in contrib/minizip [Vollant].

diff --git a/contrib/minizip/mztools.c b/contrib/minizip/mztools.c
index f9092e65ae6c5f19813c57d808a9c684a6b0d4fc..96891c2e0b71ef95a50a0c3271c83e5a2123d025 100644 (file)
--- a/contrib/minizip/mztools.c
+++ b/contrib/minizip/mztools.c
@@ -42,7 +42,7 @@ uLong* bytesRecovered;
     int entries = 0;
     uLong totalBytes = 0;
     char header[30];
-    char filename[256];
+    char filename[1024];
     char extra[1024];
     int offset = 0;
     int offsetCD = 0;
@@ -73,9 +73,14 @@ uLong* bytesRecovered;
 
         /* Filename */
         if (fnsize > 0) {
-          if (fread(filename, 1, fnsize, fpZip) == fnsize) {
-            if (fwrite(filename, 1, fnsize, fpOut) == fnsize) {
-              offset += fnsize;
+          if (fnsize < sizeof(filename)) {
+            if (fread(filename, 1, fnsize, fpZip) == fnsize) {
+                if (fwrite(filename, 1, fnsize, fpOut) == fnsize) {
+                offset += fnsize;
+              } else {
+                err = Z_ERRNO;
+                break;
+              }
             } else {
               err = Z_ERRNO;
               break;
@@ -91,9 +96,14 @@ uLong* bytesRecovered;
 
         /* Extra field */
         if (extsize > 0) {
-          if (fread(extra, 1, extsize, fpZip) == extsize) {
-            if (fwrite(extra, 1, extsize, fpOut) == extsize) {
-              offset += extsize;
+          if (extsize < sizeof(extra)) {
+            if (fread(extra, 1, extsize, fpZip) == extsize) {
+              if (fwrite(extra, 1, extsize, fpOut) == extsize) {
+                offset += extsize;
+                } else {
+                err = Z_ERRNO;
+                break;
+              }
             } else {
               err = Z_ERRNO;
               break;