diff --git a/miniz-2.2.0-miniz_zip-fix-mz_zip_reader_extract_to_heap-to-read-.patch b/miniz-2.2.0-miniz_zip-fix-mz_zip_reader_extract_to_heap-to-read-.patch
new file mode 100644
index 0000000..6d3e2b3
--- /dev/null
+++ b/miniz-2.2.0-miniz_zip-fix-mz_zip_reader_extract_to_heap-to-read-.patch
@@ -0,0 +1,108 @@
+From f37c338de59d335e6fee6f5040653a3fe731e825 Mon Sep 17 00:00:00 2001
+From: Ozkan Sezer
+Date: Sun, 2 Jan 2022 20:56:56 +0300
+Subject: [PATCH] miniz_zip: fix mz_zip_reader_extract_to_heap to read correct
+ sizes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes: https://github.com/richgel999/miniz/issues/218
+Petr Písař: Ported to 2.2.0 from
+501a76154940c465bc3e97f7e2d16134021bd8aa and
+f3d9e2293bdf9da952747cdd794a4fa83e0e5b24.
+
+Signed-off-by: Petr Písař
+---
+ miniz.c | 31 +++++++++++++++++--------------
+ 1 file changed, 17 insertions(+), 14 deletions(-)
+
+diff --git a/miniz.c b/miniz.c
+index 845a107..e32f892 100644
+--- a/miniz.c
++++ b/miniz.c
+@@ -4385,7 +4385,8 @@ mz_bool mz_zip_reader_locate_file_v2(mz_zip_archive *pZip, const char *pName, co
+ return mz_zip_set_error(pZip, MZ_ZIP_FILE_NOT_FOUND);
+ }
+
+-mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
++static
++mz_bool mz_zip_reader_extract_to_mem_no_alloc1(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size, const mz_zip_archive_file_stat *st)
+ {
+ int status = TINFL_STATUS_DONE;
+ mz_uint64 needed_size, cur_file_ofs, comp_remaining, out_buf_ofs = 0, read_buf_size, read_buf_ofs = 0, read_buf_avail;
+@@ -4398,6 +4399,9 @@ mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file
+ if ((!pZip) || (!pZip->m_pState) || ((buf_size) && (!pBuf)) || ((user_read_buf_size) && (!pUser_read_buf)) || (!pZip->m_pRead))
+ return mz_zip_set_error(pZip, MZ_ZIP_INVALID_PARAMETER);
+
++ if (st) {
++ file_stat = *st;
++ } else
+ if (!mz_zip_reader_file_stat(pZip, file_index, &file_stat))
+ return MZ_FALSE;
+
+@@ -4528,17 +4532,22 @@ mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file
+ return status == TINFL_STATUS_DONE;
+ }
+
++mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
++{
++ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size, NULL);
++}
++
+ mz_bool mz_zip_reader_extract_file_to_mem_no_alloc(mz_zip_archive *pZip, const char *pFilename, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
+ {
+ mz_uint32 file_index;
+ if (!mz_zip_reader_locate_file_v2(pZip, pFilename, NULL, flags, &file_index))
+ return MZ_FALSE;
+- return mz_zip_reader_extract_to_mem_no_alloc(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size);
++ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size, NULL);
+ }
+
+ mz_bool mz_zip_reader_extract_to_mem(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags)
+ {
+- return mz_zip_reader_extract_to_mem_no_alloc(pZip, file_index, pBuf, buf_size, flags, NULL, 0);
++ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, NULL, 0, NULL);
+ }
+
+ mz_bool mz_zip_reader_extract_file_to_mem(mz_zip_archive *pZip, const char *pFilename, void *pBuf, size_t buf_size, mz_uint flags)
+@@ -4548,23 +4557,17 @@ mz_bool mz_zip_reader_extract_file_to_mem(mz_zip_archive *pZip, const char *pFil
+
+ void *mz_zip_reader_extract_to_heap(mz_zip_archive *pZip, mz_uint file_index, size_t *pSize, mz_uint flags)
+ {
+- mz_uint64 comp_size, uncomp_size, alloc_size;
+- const mz_uint8 *p = mz_zip_get_cdh(pZip, file_index);
++ mz_zip_archive_file_stat file_stat;
++ mz_uint64 alloc_size;
+ void *pBuf;
+
+ if (pSize)
+ *pSize = 0;
+
+- if (!p)
+- {
+- mz_zip_set_error(pZip, MZ_ZIP_INVALID_PARAMETER);
++ if (!mz_zip_reader_file_stat(pZip, file_index, &file_stat))
+ return NULL;
+- }
+-
+- comp_size = MZ_READ_LE32(p + MZ_ZIP_CDH_COMPRESSED_SIZE_OFS);
+- uncomp_size = MZ_READ_LE32(p + MZ_ZIP_CDH_DECOMPRESSED_SIZE_OFS);
+
+- alloc_size = (flags & MZ_ZIP_FLAG_COMPRESSED_DATA) ? comp_size : uncomp_size;
++ alloc_size = (flags & MZ_ZIP_FLAG_COMPRESSED_DATA) ? file_stat.m_comp_size : file_stat.m_uncomp_size;
+ if (((sizeof(size_t) == sizeof(mz_uint32))) && (alloc_size > 0x7FFFFFFF))
+ {
+ mz_zip_set_error(pZip, MZ_ZIP_INTERNAL_ERROR);
+@@ -4577,7 +4580,7 @@ void *mz_zip_reader_extract_to_heap(mz_zip_archive *pZip, mz_uint file_index, si
+ return NULL;
+ }
+
+- if (!mz_zip_reader_extract_to_mem(pZip, file_index, pBuf, (size_t)alloc_size, flags))
++ if (!mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, (size_t)alloc_size, flags, NULL, 0, &file_stat))
+ {
+ pZip->m_pFree(pZip->m_pAlloc_opaque, pBuf);
+ return NULL;
+--
+2.34.1
+
diff --git a/miniz.spec b/miniz.spec
index 6d7575e..a614f6f 100644
--- a/miniz.spec
+++ b/miniz.spec
@@ -27,6 +27,9 @@ Patch3: miniz-2.2.0-Fix-MZ_ZIP_GENERAL_PURPOSE_BIT_FLAG_UTF8-not-being-s.pat
 # Fix an undefined behaviour in tinfl_decompress(), GH#216,
 # in upstream after 2.2.0.
 Patch4: miniz-2.2.0-tinfl_decompress-avoid-NULL-ptr-arithmetic-UB.patch
+# Fix mz_zip_reader_extract_to_heap() to read correct sizes, GH#220,
+# in upstream after 2.2.0.
+Patch5: miniz-2.2.0-miniz_zip-fix-mz_zip_reader_extract_to_heap-to-read-.patch
 BuildRequires: coreutils
 # diffutils for cmp
 BuildRequires: diffutils
@@ -69,6 +72,7 @@ unzip -e '%{SOURCE0}'
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 # Normalize end-of-lines
 sed -e 's/\r$//' ChangeLog.md > ChangeLog.md.new
 touch -r ChangeLog.md ChangeLog.md.new
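Review bot: In the packaged miniz.c patch, the new `st` argument of `mz_zip_reader_extract_to_mem_no_alloc1` is copied into `file_stat` with no check that it describes `file_index`, and the contract is not documented. A comment above the helper would make it explicit, for example `/* st, if non-NULL, must be the stat returned by mz_zip_reader_file_stat() for this file_index; it is used as-is so that buffer sizing and extraction agree */`. The `} else` followed by an unbraced `if` on the next line is easy to misread and would be safer as a braced `else if (...)`. In `mz_zip_reader_extract_to_heap`, `alloc_size` now comes from the 64-bit stat fields, and the `0x7FFFFFFF` check applies only when `size_t` is 32 bits. On 64-bit builds the allocation therefore appears to be bounded only by the allocator (the allocation call lies outside the hunk), so callers reading untrusted archives may want to compare `m_uncomp_size` from `mz_zip_reader_file_stat` against their own limit first.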
@@ -150,6 +154,7 @@ install -m 0644 %{name}.h '%{buildroot}/%{_includedir}'
 - Fix an unaligned memory access
 - Fix setting MZ_ZIP_GENERAL_PURPOSE_BIT_FLAG_UTF8
 - Fix an undefined behaviour in tinfl_decompress() (GH#216)
+- Fix mz_zip_reader_extract_to_heap() to read correct sizes (GH#220)
 
 * Wed Aug 11 2021 Petr Pisar - 2.2.0-1
 - 2.2.0 bump