Extracted from a patch in Fedora. http://pkgs.fedoraproject.org/cgit/unzip.git/tree/unzip-6.0-heap-overflow-infloop.patch?id=d18f821e From bd150334fb4084f5555a6be26b015a0671cb5b74 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Tue, 22 Sep 2015 18:52:23 +0200 Subject: [PATCH 3/3] extract: prevent unsigned overflow on invalid input Suggested-by: Stefan Cornelius --- extract.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/extract.c b/extract.c index 29db027..b9ae667 100644 --- a/extract.c +++ b/extract.c @@ -1257,8 +1257,17 @@ static int extract_or_test_entrylist(__G__ numchunk, if (G.lrec.compression_method == STORED) { zusz_t csiz_decrypted = G.lrec.csize; - if (G.pInfo->encrypted) + if (G.pInfo->encrypted) { + if (csiz_decrypted <= 12) { + /* handle the error now to prevent unsigned overflow */ + Info(slide, 0x401, ((char *)slide, + LoadFarStringSmall(ErrUnzipNoFile), + LoadFarString(InvalidComprData), + LoadFarStringSmall2(Inflate))); + return PK_ERR; + } csiz_decrypted -= 12; + } if (G.lrec.ucsize != csiz_decrypted) { Info(slide, 0x401, ((char *)slide, LoadFarStringSmall2(WrnStorUCSizCSizDiff), -- 2.5.2
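Review bot: The bound `if (csiz_decrypted <= 12)` is stricter than the comment's stated purpose. At exactly 12 the following `csiz_decrypted -= 12` yields 0 and does not wrap, so `<=` also rejects an encrypted STORED entry whose payload is empty, a case that would otherwise fall through to the existing `G.lrec.ucsize != csiz_decrypted` check. Use `< 12` if only the wrap is meant to be caught, or state in the comment that a zero-length payload is rejected on purpose. Two smaller points in the same block: the literal 12 appears in both the test and the subtraction without a name or a comment saying what it measures, and the error path passes `LoadFarStringSmall2(Inflate)` although this branch is guarded by `compression_method == STORED`, so the message may name a method that was not used for this entry.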
path: root/gnu/system/shadow.scm
Age  Author
    Commit message

2021-02-03  Christopher Baines
    Merge branch 'master' into core-updates

2021-01-20  Leo Prikler
    services: Do not warn, when duplicate users are eq?.

    * gnu/system/shadow.scm (account-activation): Delete duplicate (eq?) users and groups before transforming them to specs and asserting, that names are unique.

2021-01-20  Leo Prikler
    shadow: End duplicate warnings with new lines.

    The change from formatted message causes the line to no longer automatically be ended. This will need to be reverted once again, when duplicate names become hard errors.

    * gnu/system/shadow.scm (assert-unique-account-names) (assert-unique-group-names): End format strings in ~%.

2021-01-13  Leo Prikler
    Reapply "system: Assert, that user and group names are unique."

    * gnu/system/shadow.scm (assert-unique-account-names) (assert-unique-group-names): Demote formatted-message to warning.

2021-01-12  Jonathan Brielmaier
    Revert "system: Assert, that user and group names are unique."

    This reverts commit a3002104a84c60556b6616d100cb98019e48759d, which breaks certain system configurations like:

    $ guix system reconfigure config.scm
    guix system: error: the following groups appear more than once: lp

2021-01-11  Leo Prikler
    system: Assert, that user and group names are unique.

    * gnu/system/shadow.scm (find-duplicates): New variable. (assert-unique-account-names, assert-unique-group-names): New variables. (account-activation): Use them here.