Comparing version 2.4.2 to 2.4.3
@@ -284,2 +284,3 @@ var fs = require("fs"); | ||
while (i < extraFieldBuffer.length) { | ||
if (i >= extraFieldBuffer.length - 4) return emitErrorAndAutoClose(self, new Error("unexpected end of Extra Field buffer")); | ||
var headerId = extraFieldBuffer.readUInt16LE(i + 0); | ||
@@ -289,2 +290,3 @@ var dataSize = extraFieldBuffer.readUInt16LE(i + 2); | ||
var dataEnd = dataStart + dataSize; | ||
if (dataEnd > extraFieldBuffer.length) return emitErrorAndAutoClose(self, new Error("extra field length exceeds Extra Field buffer size")); | ||
var dataBuffer = new Buffer(dataSize); | ||
@@ -291,0 +293,0 @@ extraFieldBuffer.copy(dataBuffer, 0, dataStart, dataEnd); |
{ | ||
"name": "yauzl", | ||
"version": "2.4.2", | ||
"version": "2.4.3", | ||
"description": "yet another unzip library for node", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -442,2 +442,4 @@ # yauzl | ||
* 2.4.3 | ||
* Fix crash when parsing malformed Extra Field buffers. [issue #31](https://github.com/thejoshwolfe/yauzl/issues/31) | ||
* 2.4.2 | ||
@@ -444,0 +446,0 @@ * Remove .npmignore and .travis.yml from npm package. |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
47385
584
472