author | Caolán McNamara <caolanm@redhat.com> | 2022-10-22 19:41:10 +0100 |
---|---|---|
committer | Caolán McNamara <caolanm@redhat.com> | 2022-10-27 09:47:54 +0200 |
commit | fb1bf9f1fda915b30864e9ad23545930ea6d25fd (patch) | |
tree | c7f541486ea332865f26f03e30c3ff4261064e55 /package/source/zipapi | |
parent | 19e998aa98d966cffca98bed9408d5758d91d9be (diff) |
cid#1242675 Untrusted value as argument
Change-Id: If8ecad4501d6c555791eae0ae113a34e05f9436f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141670
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'package/source/zipapi')
-rw-r--r-- | package/source/zipapi/ZipFile.cxx | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
index c59035919bb8..828033688189 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -812,6 +812,13 @@ void ZipFile::readLOC( ZipEntry &rEntry )
 aGrabber.ReadInt32(); //size
 sal_Int16 nPathLen = aGrabber.ReadInt16();
 sal_Int16 nExtraLen = aGrabber.ReadInt16();
+
+ if (nPathLen < 0)
+ {
+ SAL_WARN("package", "bogus path len of: " << nPathLen);
+ nPathLen = 0;
+ }
+
 rEntry.nOffset = aGrabber.getPosition() + nPathLen + nExtraLen;
 // FIXME64: need to read 64bit LOC
@@ -821,6 +828,7 @@ void ZipFile::readLOC( ZipEntry &rEntry )
 try
 {
 // read always in UTF8, some tools seem not to set UTF8 bit
+ // coverity[tainted_data] - we've checked negative lens, and up to max short is ok here
 uno::Sequence<sal_Int8> aNameBuffer(nPathLen);
 sal_Int32 nRead = aGrabber.readBytes(aNameBuffer, nPathLen);
 if (nRead < aNameBuffer.getLength()) |
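Review bot: The new guard in the first hunk covers only `nPathLen`; `nExtraLen` is read from the same local header as a signed `sal_Int16` and is summed into `rEntry.nOffset` on the line right after the check, so an extra-field length with the high bit set still comes out negative and pulls the computed data offset backwards. The comment added in the second hunk says negative "lens" were checked, which holds only for the path length. I would give `nExtraLen` the same treatment before the offset is computed, e.g. `if (nExtraLen < 0) { SAL_WARN("package", "bogus extra len of: " << nExtraLen); nExtraLen = 0; }`. Separately, clamping to 0 lets parsing continue with an offset that no longer matches the header; whether a later check rejects such an entry cannot be seen here, since readLOC continues outside both hunks.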