android-2.1_r1 snapshot

commit: b765729081399b6826c9d45d77c9c58ca2f32816 [log] [tgz]
author: The Android Open Source Project <initial-contribution@android.com> Tue Jan 12 15:18:06 2010 -0800
committer: The Android Open Source Project <initial-contribution@android.com> Tue Jan 12 15:18:06 2010 -0800
tree: f96c3fc70526d98cb381629774f2f290fee2b168
parent: a43c44f31f873d7e39d3c2872f0b9531b1584f11 [diff] [blame]
diff --git a/verifier.c b/verifier.c
index f2491a1..164fb4a 100644
--- a/verifier.c
+++ b/verifier.c

@@ -123,7 +123,7 @@
     int i;
     for (i = 4; i < eocd_size-3; ++i) {
         if (eocd[i  ] == 0x50 && eocd[i+1] == 0x4b &&
-            eocd[i+2] == 0x05 && eocd[i+1] == 0x06) {
+            eocd[i+2] == 0x05 && eocd[i+3] == 0x06) {
             // if the sequence $50 $4b $05 $06 appears anywhere after
             // the real one, minzip will find the later (wrong) one,
             // which could be exploitable.  Fail verification if
commit	b765729081399b6826c9d45d77c9c58ca2f32816	[log] [tgz]
author	The Android Open Source Project <initial-contribution@android.com>	Tue Jan 12 15:18:06 2010 -0800
committer	The Android Open Source Project <initial-contribution@android.com>	Tue Jan 12 15:18:06 2010 -0800
tree	f96c3fc70526d98cb381629774f2f290fee2b168
parent	a43c44f31f873d7e39d3c2872f0b9531b1584f11 [diff] [blame]