From 29c4c484c6ddcc0e8e11f112faf49066266c2fe7 Mon Sep 17 00:00:00 2001
From: myfreeer <myfreeer@users.noreply.github.com>
Date: Mon, 9 Apr 2018 09:46:31 +0800
Subject: [PATCH] core: check buffer size before checking type

---
 node-chrome-pak.js | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/node-chrome-pak.js b/node-chrome-pak.js
index 3202416..ca1f9de 100644
--- a/node-chrome-pak.js
+++ b/node-chrome-pak.js
@@ -156,11 +156,13 @@ function unpack_proc(pak_file_path, extract_dst_dir) {
         var res_file_name = res_info[i].id.toString();
         
         var res_buf = pak_buf.slice(res_info[i].offset, res_info[i].offset + size);
-        if (res_buf.readUInt32BE(0x00) == 0x89504E47) { // ‰PNG
-            res_file_name += ".png";
-        }
-        if (res_buf.readUInt32BE(0x00) == 0x3C21646F || res_buf.readUInt32BE(0x00) == 0x3C68746D) { // ‰HTML
-            res_file_name += ".htm";
+        if (size >= 4 ) {
+            if (res_buf.readUInt32BE(0x00) == 0x89504E47) { // ‰PNG
+                res_file_name += ".png";
+            }
+            if (res_buf.readUInt32BE(0x00) == 0x3C21646F || res_buf.readUInt32BE(0x00) == 0x3C68746D) { // ‰HTML
+                res_file_name += ".htm";
+            }
         }
         
         if (!fs.existsSync(dst_dir)) { fs.mkdirSync(dst_dir); }
@@ -169,4 +171,4 @@ function unpack_proc(pak_file_path, extract_dst_dir) {
     }
     
     console.log("unpack process complete!");
-}
\ No newline at end of file
+}