summaryrefslogtreecommitdiffstats
path: root/install/verifier.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'install/verifier.cpp')
-rw-r--r--install/verifier.cpp8
1 files changed, 7 insertions, 1 deletions
diff --git a/install/verifier.cpp b/install/verifier.cpp
index ab750442d..3f0260138 100644
--- a/install/verifier.cpp
+++ b/install/verifier.cpp
@@ -321,8 +321,14 @@ static std::vector<Certificate> IterateZipEntriesAndSearchForKeys(const ZipArchi
std::vector<Certificate> result;
std::string_view name;
- ZipEntry entry;
+ ZipEntry64 entry;
while ((iter_status = Next(cookie, &entry, &name)) == 0) {
+ if (entry.uncompressed_length > std::numeric_limits<size_t>::max()) {
+ LOG(ERROR) << "Failed to extract " << name
+ << " because's uncompressed size exceeds size of address space. "
+ << entry.uncompressed_length;
+ return {};
+ }
std::vector<uint8_t> pem_content(entry.uncompressed_length);
if (int32_t extract_status =
ExtractToMemory(handle, &entry, pem_content.data(), pem_content.size());
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-08 13:34:35 +0100