Fix potential integer overflow in zip.ExtractSafe check

Jacalz · Jacalz · commit cf2895e98ae5 · 2024-11-17T11:32:01.000+01:00
diff --git a/zip/zip.go b/zip/zip.go
@@ -42,7 +42,7 @@ func ExtractSafe(source io.ReaderAt, length int64, target string, uncompressedBy
 	for _, f := range reader.File {
 		actualUncompressedSize += f.FileHeader.UncompressedSize64
 	}
-	if uncompressedBytes < int64(actualUncompressedSize) {
+	if uncompressedBytes < 0 || actualUncompressedSize > uint64(uncompressedBytes) {
 		return ErrorSizeMismatch
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ func ExtractSafe(source io.ReaderAt, length int64, target string, uncompressedBy`
`42`	`42`	`for _, f := range reader.File {`
`43`	`43`	`actualUncompressedSize += f.FileHeader.UncompressedSize64`
`44`	`44`	`}`
`45`		`- if uncompressedBytes < int64(actualUncompressedSize) {`
	`45`	`+ if uncompressedBytes < 0 \|\| actualUncompressedSize > uint64(uncompressedBytes) {`
`46`	`46`	`return ErrorSizeMismatch`
`47`	`47`	`}`
`48`	`48`