2017-11-07 13:34:34 +00:00
|
|
|
package asm
|
|
|
|
|
|
|
|
import (
|
|
|
|
"archive/tar"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/vbatts/tar-split/tar/storage"
|
|
|
|
)
|
|
|
|
|
|
|
|
// This test failing causes the binary to crash due to memory overcommitment.
|
|
|
|
func TestLargeJunkPadding(t *testing.T) {
|
|
|
|
pR, pW := io.Pipe()
|
|
|
|
|
|
|
|
// Write a normal tar file into the pipe and then load it full of junk
|
|
|
|
// bytes as padding. We have to do this in a goroutine because we can't
|
|
|
|
// store 20GB of junk in-memory.
|
2023-03-25 23:20:31 +00:00
|
|
|
go func() {
|
2017-11-07 13:34:34 +00:00
|
|
|
// Empty archive.
|
|
|
|
tw := tar.NewWriter(pW)
|
|
|
|
if err := tw.Close(); err != nil {
|
|
|
|
pW.CloseWithError(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Write junk.
|
|
|
|
const (
|
|
|
|
junkChunkSize = 64 * 1024 * 1024
|
|
|
|
junkChunkNum = 20 * 16
|
|
|
|
)
|
|
|
|
devZero, err := os.Open("/dev/zero")
|
|
|
|
if err != nil {
|
|
|
|
pW.CloseWithError(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer devZero.Close()
|
|
|
|
for i := 0; i < junkChunkNum; i++ {
|
|
|
|
if i%32 == 0 {
|
|
|
|
fmt.Fprintf(os.Stderr, "[TestLargeJunkPadding] junk chunk #%d/#%d\n", i, junkChunkNum)
|
|
|
|
}
|
|
|
|
if _, err := io.CopyN(pW, devZero, junkChunkSize); err != nil {
|
|
|
|
pW.CloseWithError(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Fprintln(os.Stderr, "[TestLargeJunkPadding] junk chunk finished")
|
|
|
|
pW.Close()
|
2023-03-25 23:20:31 +00:00
|
|
|
}()
|
2017-11-07 13:34:34 +00:00
|
|
|
|
|
|
|
// Disassemble our junk file.
|
|
|
|
nilPacker := storage.NewJSONPacker(ioutil.Discard)
|
|
|
|
rdr, err := NewInputTarStream(pR, nilPacker, nil)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Copy the entire rdr.
|
|
|
|
_, err = io.Copy(ioutil.Discard, rdr)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// At this point, if we haven't crashed then we are not vulnerable to
|
|
|
|
// CVE-2017-14992.
|
|
|
|
}
|