Skip to content

Commit 3699bd2

Browse files
author
kalibera
committed
Improve error handling.
git-svn-id: https://svn.r-project.org/R/trunk@88324 00db46b3-68df-0310-9c12-caf00c1e9a41
1 parent 6363258 commit 3699bd2

File tree

1 file changed

+20
-4
lines changed

1 file changed

+20
-4
lines changed

src/main/dounzip.c

Lines changed: 20 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -123,7 +123,10 @@ extract_one(unzFile uf, const char *const dest, const char * const filename,
123123

124124
err = unzOpenCurrentFile(uf);
125125
if (err != UNZ_OK) return err;
126-
if (strlen(dest) > R_PATH_MAX - 2) return 1;
126+
if (strlen(dest) > R_PATH_MAX - 2) {
127+
unzCloseCurrentFile(uf);
128+
return 1;
129+
}
127130
strcpy(outname, dest);
128131
strcat(outname, FILESEP);
129132
unz_file_info64 file_info;
@@ -132,9 +135,16 @@ extract_one(unzFile uf, const char *const dest, const char * const filename,
132135
sizeof(filename_inzip), NULL, 0, NULL, 0);
133136
fn = filename_inzip; /* might be UTF-8 ... */
134137
if (filename) {
135-
if (strlen(filename) > R_PATH_MAX - 1) return 1;
138+
if (strlen(filename) > R_PATH_MAX - 1) {
139+
unzCloseCurrentFile(uf);
140+
return 1;
141+
}
136142
strcpy(fn0, filename);
137143
fn = fn0;
144+
} else if (err != UNZ_OK
145+
|| file_info.size_filename >= sizeof(filename_inzip)) {
146+
unzCloseCurrentFile(uf);
147+
return 1;
138148
}
139149
#ifdef Win32
140150
R_fixslash(fn);
@@ -143,7 +153,10 @@ extract_one(unzFile uf, const char *const dest, const char * const filename,
143153
p = Rf_strrchr(fn, '/');
144154
if (p) fn = p+1;
145155
}
146-
if (strlen(outname) + strlen(fn) > R_PATH_MAX - 1) return 1;
156+
if (strlen(outname) + strlen(fn) > R_PATH_MAX - 1) {
157+
unzCloseCurrentFile(uf);
158+
return 1;
159+
}
147160
strcat(outname, fn);
148161

149162
#ifdef Win32
@@ -309,7 +322,9 @@ static SEXP ziplist(const char *zipname)
309322

310323
err = unzGetCurrentFileInfo64(uf, &file_info, filename_inzip,
311324
sizeof(filename_inzip), NULL, 0, NULL, 0);
312-
if (err != UNZ_OK) {
325+
if (err != UNZ_OK ||
326+
file_info.size_filename >= sizeof(filename_inzip)) {
327+
313328
unzClose(uf);
314329
error("error %d with zipfile in unzGetCurrentFileInfo\n", err);
315330
}
@@ -1632,6 +1647,7 @@ extern int ZEXPORT unzLocateFile (unzFile file, const char *szFileName, int iCas
16321647
while (err == UNZ_OK)
16331648
{
16341649
char szCurrentFileName[UNZ_MAXFILENAMEINZIP+1];
1650+
szCurrentFileName[UNZ_MAXFILENAMEINZIP] = '\0';
16351651
err = unzGetCurrentFileInfo64(file, NULL,
16361652
szCurrentFileName,
16371653
sizeof(szCurrentFileName)-1,

0 commit comments

Comments
 (0)