fcrypt only supports passwords up to UINT_MAX characters long.
Also, avoid implicit integer conversion.
diff --git a/lib/zip_source_winzip_aes_decode.c b/lib/zip_source_winzip_aes_decode.c
index fdf4a33..87484af 100644
--- a/lib/zip_source_winzip_aes_decode.c
+++ b/lib/zip_source_winzip_aes_decode.c
@@ -92,6 +92,11 @@
return NULL;
}
+ if (strlen(password) > UINT_MAX) {
+ zip_error_set(&za->error, ZIP_ER_INVAL, 0); /* TODO: better error code? (password too long) */
+ return NULL;
+ }
+
if (zip_source_stat(src, &st) != 0) {
_zip_error_set_from_source(&za->error, src);
return NULL;
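Review bot: The new length guard and the `(unsigned int)strlen(ctx->password)` cast in the third hunk depend on each other only implicitly. The cast is lossless only because this check ran when the source was created, and presumably `ctx->password` is a copy of the same string. I would record that at the cast with a comment such as `/* length <= UINT_MAX, checked when the source was created */`, so a later code path that sets `ctx->password` some other way does not silently hand a truncated length to `_zip_fcrypt_init`. On targets where `size_t` is no wider than `unsigned int` the comparison is always false, which is harmless but may draw a tautological-comparison warning. The enclosing function begins and ends outside the hunk.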
@@ -125,7 +130,7 @@
{
zip_uint8_t header[MAX_HEADER_LENGTH];
zip_uint8_t password_verification[PWD_VER_LENGTH];
- zip_uint8_t headerlen;
+ unsigned int headerlen;
zip_int64_t n;
headerlen = PWD_VER_LENGTH + salt_length[ctx->mode];
@@ -139,7 +144,7 @@
return -1;
}
- if (_zip_fcrypt_init(ctx->mode, (unsigned char *)ctx->password, strlen(ctx->password), header, password_verification, &ctx->fcrypt_ctx) != 0) {
+ if (_zip_fcrypt_init(ctx->mode, (unsigned char *)ctx->password, (unsigned int)strlen(ctx->password), header, password_verification, &ctx->fcrypt_ctx) != 0) {
zip_error_set(&ctx->error, ZIP_ER_MEMORY, 0);
return -1;
}
@@ -208,7 +213,7 @@
total = (zip_uint64_t)n;
for (offset = 0; offset < total; offset += ZIP_MIN(total - offset, UINT_MAX)) {
- _zip_fcrypt_decrypt((zip_uint8_t *)data + offset, ZIP_MIN(total - offset, UINT_MAX), &ctx->fcrypt_ctx);
+ _zip_fcrypt_decrypt((zip_uint8_t *)data + offset, (unsigned int)ZIP_MIN(total - offset, UINT_MAX), &ctx->fcrypt_ctx);
}
return n;
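Review bot: The chunk size `ZIP_MIN(total - offset, UINT_MAX)` is now written twice, cast in the `_zip_fcrypt_decrypt` call and uncast in the `for` increment. A later edit to one and not the other would let the decrypted length and the offset advance disagree. Computing it once into a local ties the two together; the cast itself is value-preserving because the result is bounded by `UINT_MAX`. The function starts outside the hunk, so the declaration below belongs with its other locals.

```c
unsigned int chunk; /* with the function's other locals */
/* … unchanged: total = (zip_uint64_t)n; … */
for (offset = 0; offset < total; offset += chunk) {
    chunk = (unsigned int)ZIP_MIN(total - offset, UINT_MAX);
    _zip_fcrypt_decrypt((zip_uint8_t *)data + offset, chunk, &ctx->fcrypt_ctx);
}
```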