Extracted from a patch in Fedora.

http://pkgs.fedoraproject.org/cgit/unzip.git/tree/unzip-6.0-heap-overflow-infloop.patch?id=d18f821e

From bd150334fb4084f5555a6be26b015a0671cb5b74 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 22 Sep 2015 18:52:23 +0200
Subject: [PATCH 3/3] extract: prevent unsigned overflow on invalid input

Suggested-by: Stefan Cornelius
---
 extract.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/extract.c b/extract.c
index 29db027..b9ae667 100644
--- a/extract.c
+++ b/extract.c
@@ -1257,8 +1257,17 @@ static int extract_or_test_entrylist(__G__ numchunk,
         if (G.lrec.compression_method == STORED) {
             zusz_t csiz_decrypted = G.lrec.csize;
 
-            if (G.pInfo->encrypted)
+            if (G.pInfo->encrypted) {
+                if (csiz_decrypted <= 12) {
+                    /* handle the error now to prevent unsigned overflow */
+                    Info(slide, 0x401, ((char *)slide,
+                      LoadFarStringSmall(ErrUnzipNoFile),
+                      LoadFarString(InvalidComprData),
+                      LoadFarStringSmall2(Inflate)));
+                    return PK_ERR;
+                }
                 csiz_decrypted -= 12;
+            }
             if (G.lrec.ucsize != csiz_decrypted) {
                 Info(slide, 0x401, ((char *)slide,
                   LoadFarStringSmall2(WrnStorUCSizCSizDiff),
-- 
2.5.2

rvices/utils.scm?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/home/services/utils.scm'>
<input type='hidden' name='id' value='c666cc3fb913481348706e9552e2f61eab1b42ca'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>root</a>/<a href='/guix/log/gnu?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>gnu</a>/<a href='/guix/log/gnu/home?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>home</a>/<a href='/guix/log/gnu/home/services?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>services</a>/<a href='/guix/log/gnu/home/services/utils.scm?id=c666cc3fb913481348706e9552e2f61eab1b42ca'>utils.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/home/services/utils.scm?id=c666cc3fb913481348706e9552e2f61eab1b42ca&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2021-11-14 17:35:30 -0800'>2021-11-14</span></td><td><a href='/guix/commit/gnu/home/services/utils.scm?id=e1498538459f366e97eb96e92067391b163b00b4'>gnu: home: services: Fix typo.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/home/services/utils.scm: Fix spelling of "anything".
</span></span></td><td>Vagrant Cascadian</td></tr>
<tr><td><span title='2021-10-08 15:36:18 +0300'>2021-10-08</span></td><td><a href='/guix/commit/gnu/home/services/utils.scm?id=ba8ddb348045f81f061a1c7f51c0f7c2b0024e71'>gnu: Move (gnu home-services) to (gnu home services).</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/home-services/configuration.scm: Move the content ...
* gnu/home/services/configuration.scm: ... here.
* doc/guix.texi:
Replace (gnu home-services mcron) with (gnu home services mcron).
Replace (gnu home-services) with (gnu home services).
* gnu/home.scm:
Replace (gnu home-services fontutils) with (gnu services fontutils).
Replace (gnu home-services shells) with (gnu home services shells).
Replace (gnu home-services symlink-manager) with
(gnu home services symlink-manager).
Replace (gnu home-services xdg) with (gnu home services xdg).
* gnu/home-services/fontutils.scm: Rename to gnu/services/fontutils.scm.
* gnu/home-services/mcron.scm: Move to gnu/home/services/mcron.scm.
Replace (gnu home-services shepherd) with (gnu home services shepherd).
* gnu/home-services.scm (%service-type-path):
Search home services in "gnu/services".
* gnu/home-services/shells.scm: Replace (gnu home-services configuration) with
(gnu home services configuration).
Rename to gnu/home/services/shells.scm.
Replace (gnu home-services utils) with (gnu home services utils).
* gnu/home-services/shepherd.scm: Move to gnu/home/services/shepherd.scm.
* gnu/home-services/symlink-manager.scm:
Rename to gnu/home/services/symlink-manager.scm.
* gnu/home-services/utils.scm: Rename to gnu/home/services/utils.scm.
* gnu/home-services/xdg.scm: Rename to gnu/home/services/xdg.scm.
* guix/scripts/home/import.scm:
Replace (gnu home-services bash) with (gnu home services bash).
* gnu/home-services.scm: Update documentation string.
* doc/he-config-bare-bones.scm:
Apply new (gnu home-services ...) modules location.
* gnu/local.mk (GNU_SYSTEM_MODULES): Same.
</span></span></td><td>Oleg Pykhalov</td></tr>