UNZ_EOF and UNZ_OK are both zero, so the caller of unzlocal_getByte has no way to know whether or not pi points to data or garbage. This change makes it point to zero in the EOF case. While it might be better to indicate an error immediately, that is a more significant change. The library ought to be just as good at handling an erroneous zero byte as anything else; and this way dynamic analysis tools won't complain about use-of-uninitialized-value when reading a malformed file.

2025-03-28 21:13:18 +00:00 · 2015-06-15 15:55:27 -07:00 · 2015-06-15 15:55:27 -07:00 · db42f0258a
commit db42f0258a
parent f5d3d04272
1 changed files with 1 additions and 0 deletions
--- a/unzip.c
+++ b/unzip.c
@ -198,6 +198,7 @@ local int unz64local_getByte(const zlib_filefunc64_32_def* pzlib_filefunc_def, v
        *pi = (int)c;
        return UNZ_OK;
    }
+    *pi = 0;
    if (ZERROR64(*pzlib_filefunc_def, filestream))
        return UNZ_ERRNO;
    return UNZ_EOF;