From c8264f9eb4812f9360e9f01b8a12ab5fdfca627b Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Tue, 5 Aug 2025 11:14:27 +0200
Subject: [PATCH] repo_apkv3: improve blob length check

---
 ext/repo_apkv3.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/repo_apkv3.c b/ext/repo_apkv3.c
index 4458d6cc..365506a7 100644
--- a/ext/repo_apkv3.c
+++ b/ext/repo_apkv3.c
@@ -54,7 +54,7 @@ adb_blob(const unsigned char *adb, size_t adblen, unsigned int v, size_t *bloblp
       blobl |= adb[v++] << 16;
       blobl |= adb[v++] << 24;
     }
-  if (v + blobl > adblen)
+  if (blobl > adblen || v + blobl > adblen)
     return 0;
   *bloblp = blobl;
   return adb + v;
-- 
2.47.2