From 9218599b40ba6df7d7d97aa9fb0c82183241487e Mon Sep 17 00:00:00 2001
From: Chris Hennick <4961925+Pr0methean@users.noreply.github.com>
Date: Sun, 2 Jun 2024 21:16:55 -0700
Subject: [PATCH] chore: Fix a fuzz failure by using checked_sub

---
 src/extra_fields/zipinfo_utf8.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/extra_fields/zipinfo_utf8.rs b/src/extra_fields/zipinfo_utf8.rs
index 7644b5f8..7119bbfb 100644
--- a/src/extra_fields/zipinfo_utf8.rs
+++ b/src/extra_fields/zipinfo_utf8.rs
@@ -32,8 +32,10 @@ impl UnicodeExtraField {
         reader.read_exact(&mut [0u8])?;
 
         let crc32 = reader.read_u32_le()?;
-        let mut content =
-            vec![0u8; len as usize - size_of::<u8>() - size_of::<u32>()].into_boxed_slice();
+        let content_len = (len as usize)
+            .checked_sub(size_of::<u8>() + size_of::<u32>())
+            .ok_or(ZipError::InvalidArchive("Unicode extra field is too small"))?;
+        let mut content = vec![0u8; content_len].into_boxed_slice();
         reader.read_exact(&mut content)?;
         Ok(Self { crc32, content })
     }