From 7818712090b25823634adf97a352b05e1de46dae Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Tue, 14 Feb 2017 18:58:25 +0100
Subject: [PATCH] minor: check for return value of sscanf () within the zip2
 parse function

---
 src/interface.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/interface.c b/src/interface.c
index a97a3e208..e49f88c1f 100644
--- a/src/interface.c
+++ b/src/interface.c
@@ -13157,7 +13157,12 @@ int zip2_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSE
 
   u8 *salt_buf = param3_pos;
 
-  u32 verify_bytes; sscanf ((const char *) param4_pos, "%4x*", &verify_bytes);
+  u32 verify_bytes;
+
+  if (sscanf ((const char *) param4_pos, "%4x*", &verify_bytes) == EOF)
+  {
+    return (PARSER_SALT_VALUE);
+  }
 
   const u32 compress_length = atoll ((const char *) param5_pos);