fix: Additional bogus checks in JVM read strategy

Just temporary measures until the associated TODO message is properly addressed.

Author: Col-E

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>software.coley</groupId>
     <artifactId>lljzip</artifactId>
-    <version>1.1.6</version>
+    <version>1.1.7</version>
 
     <properties>
         <junit.version>5.8.2</junit.version>

src/main/java/software/coley/llzip/strategy/JvmZipReaderStrategy.java

@@ -78,14 +78,25 @@ else if (ByteDataUtil.startsWith(data, jvmBaseFileOffset, ZipPatterns.CENTRAL_DI
 				}
 			}
 		} else {
-			// TODO: Double check 'precedingEndOfCentralDirectory' points to a EndOfCentralDirectory that isn't bogus
-			//  like some shit defined as a fake comment in another ZipPart
-
 			// There was a prior end part, so we will seek past it's length and use that as the base offset.
 			try {
 				// Make sure it isn't bogus before we use it as a reference point
 				EndOfCentralDirectory tempEnd = new EndOfCentralDirectory();
 				tempEnd.read(data, precedingEndOfCentralDirectory);
+
+
+				// TODO: Double check 'precedingEndOfCentralDirectory' points to a EndOfCentralDirectory that isn't bogus
+				//  like some shit defined as a fake comment in another ZipPart.
+				//   - Needs to be done in such a way where we do not get tricked by the '-trick.jar' samples
+				//  This is a quick hack.
+				if (tempEnd.getCentralDirectorySize() > len)
+					throw new IllegalStateException();
+				if (tempEnd.getCentralDirectoryOffset() > tempEnd.getNumEntries())
+					throw new IllegalStateException();
+				if (tempEnd.getDiskNumber() == 0 && tempEnd.getNumEntries() != tempEnd.getCentralDirectoryOffset())
+					throw new IllegalStateException();
+
+
 				jvmBaseFileOffset = precedingEndOfCentralDirectory + tempEnd.length();
 			} catch (Exception ex) {
 				// It's bogus and the sig-match was a coincidence. Zero out the offset.