Fix an overlow on undersized zip buffer

am: 4effb50064 Change-Id: I639d584ecca3648f279f6f690d236c8abcefc26c
author: Amin Hassani <ahassani@google.com> 2020-01-13 23:00:50 -0800
committer: android-build-merger <android-build-merger@google.com> 2020-01-13 23:00:50 -0800
commit: 98a12d9b89005192d01f3a23ae18cc046c1fb2dd (patch)
tree: 515ab32dfde6dabd0e67095b28d851c9a13f9a17
parent: 27423c2cdbfef92462efce938d304aacabc1c612 (diff)
parent: 4effb50064a04a3b2394d8132f0544cf851107a4 (diff)
download: puffin-98a12d9b89005192d01f3a23ae18cc046c1fb2dd.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/utils.cc b/src/utils.cc
index 708684d..d0aece0 100644
--- a/src/utils.cc
+++ b/src/utils.cc
@@ -244,7 +244,7 @@ bool LocateDeflatesInGzip(const Buffer& data, vector<BitExtent>* deflates) {
 bool LocateDeflatesInZipArchive(const Buffer& data,
                                 vector<BitExtent>* deflates) {
   uint64_t pos = 0;
-  while (pos <= data.size() - 30) {
+  while (pos + 30 <= data.size()) {
     // TODO(xunchang) add support for big endian system when searching for
     // magic numbers.
     if (get_unaligned<uint32_t>(data.data() + pos) != 0x04034b50) {
author	Amin Hassani <ahassani@google.com>	2020-01-13 23:00:50 -0800
committer	android-build-merger <android-build-merger@google.com>	2020-01-13 23:00:50 -0800
commit	98a12d9b89005192d01f3a23ae18cc046c1fb2dd (patch)
tree	515ab32dfde6dabd0e67095b28d851c9a13f9a17
parent	27423c2cdbfef92462efce938d304aacabc1c612 (diff)
parent	4effb50064a04a3b2394d8132f0544cf851107a4 (diff)
download	puffin-98a12d9b89005192d01f3a23ae18cc046c1fb2dd.tar.gz