From: João Matos <joao@tritao.eu>
Date: Tue, 16 Jun 2015 18:26:16 +0000 (+0100)
Subject: [WindowsBase] Fixed string buffer overflow when handling Zip entries.
X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=commitdiff_plain;h=0d5437fc329d30271e5da18bc512cb7481a92523;p=mono.git

[WindowsBase] Fixed string buffer overflow when handling Zip entries.

Fixes NuGet package handling, see https://bugzilla.xamarin.com/show_bug.cgi?id=26205.
---

diff --git a/mcs/class/WindowsBase/ZipSharp/NativeUnzip.cs b/mcs/class/WindowsBase/ZipSharp/NativeUnzip.cs
index 47e277bdbfb..79a9dc62aec 100644
--- a/mcs/class/WindowsBase/ZipSharp/NativeUnzip.cs
+++ b/mcs/class/WindowsBase/ZipSharp/NativeUnzip.cs
@@ -80,8 +80,13 @@ namespace zipsharp
 		static string GetCurrentFileName (UnzipHandle handle)
 		{
 			UnzipFileInfo info;
-			StringBuilder sbName = new StringBuilder (128);
-			int result = unzGetCurrentFileInfo (handle, out info, sbName, new IntPtr (sbName.Capacity), IntPtr.Zero, new IntPtr (0), null,  IntPtr.Zero);
+			int result = unzGetCurrentFileInfo (handle, out info, null, IntPtr.Zero, IntPtr.Zero, new IntPtr (0), null,  IntPtr.Zero);
+
+			if (result != 0)
+				return null;
+			
+			StringBuilder sbName = new StringBuilder ((int)info.SizeFilename+1); // +1 to account for extra \0 at the end
+			result = unzGetCurrentFileInfo (handle, out info, sbName, new IntPtr (sbName.Capacity), IntPtr.Zero, new IntPtr (0), null,  IntPtr.Zero);
 			
 			if (result != 0)
 				return null;