@simonmichal commented on this pull request.
> @@ -60,6 +60,7 @@ namespace XrdZip cdSize = *reinterpret_cast<const uint32_t*>( buffer + 12 ); cdOffset = *reinterpret_cast<const uint32_t*>( buffer + 16 ); commentLength = *reinterpret_cast<const uint16_t*>( buffer + 20 ); + if(maxSize > 0 && (uint32_t)(eocdBaseSize + commentLength) > maxSize) throw bad_data();
Could you please move the throw
statement to a new line?
In src/XrdCl/XrdClZipArchive.cc:
> @@ -321,10 +321,17 @@ namespace XrdCl "End-of-central-directory signature not found." ); Pipeline::Stop( error ); } + try{
Are you using a try-catch block only because of the throw
statement in line 328 (BTW please move it to the next line), if yes then it would make more sense to replace the throw
directly with a call to Pipeline::Stop( error )
. On the other hand, if we also want to cover the EOCD
constructor it would make sense to pass the maxSize
argument to it (in this case the try-catch block is justified).
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1