fix: add header offset overflow check

- during the header offset calculation, perform overflow check Tested: - Local tests
zip-rs · zamazan4ik · Jan 23, 2022 · Jan 22, 2022 · Jan 22, 2022 · Jan 22, 2022
commit 8a666b102b0d61b6f76a374f13494c662ae126ef
diff --git a/src/read.rs b/src/read.rs
@@ -603,7 +603,10 @@ pub(crate) fn central_header_to_zip_file<R: Read + io::Seek>(
     }
 
     // Account for shifted zip offsets.
-    result.header_start += archive_offset;
+    result.header_start = result
+        .header_start
+        .checked_add(archive_offset)
+        .ok_or(ZipError::InvalidArchive("Archive header is too large"))?;
 
     Ok(result)
 }