forked from mirrors/tar-split
		
	archive/tar: terminate when reading malformed sparse files
Fixes #10968. Change-Id: I027bc571a71629ac49c2a0ff101b2950af6e7531 Reviewed-on: https://go-review.googlesource.com/10482 Reviewed-by: David Symonds <dsymonds@golang.org> Run-TryBot: David Symonds <dsymonds@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
This commit is contained in:
		
							parent
							
								
									576b273762
								
							
						
					
					
						commit
						55dceefe42
					
				
					 3 changed files with 22 additions and 0 deletions
				
			
		|  | @ -899,6 +899,9 @@ func (sfr *sparseFileReader) Read(b []byte) (n int, err error) { | |||
| 		// Otherwise, we're at the end of the file | ||||
| 		return 0, io.EOF | ||||
| 	} | ||||
| 	if sfr.tot < sfr.sp[0].offset { | ||||
| 		return 0, io.ErrUnexpectedEOF | ||||
| 	} | ||||
| 	if sfr.pos < sfr.sp[0].offset { | ||||
| 		// We're in a hole | ||||
| 		n = sfr.readHole(b, sfr.sp[0].offset) | ||||
|  |  | |||
|  | @ -757,3 +757,22 @@ func TestNegativeHdrSize(t *testing.T) { | |||
| 	} | ||||
| 	io.Copy(ioutil.Discard, r) | ||||
| } | ||||
| 
 | ||||
| // This used to hang in (*sparseFileReader).readHole due to missing | ||||
| // verification of sparse offsets against file size. | ||||
| func TestIssue10968(t *testing.T) { | ||||
| 	f, err := os.Open("testdata/issue10968.tar") | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| 	defer f.Close() | ||||
| 	r := NewReader(f) | ||||
| 	_, err = r.Next() | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| 	_, err = io.Copy(ioutil.Discard, r) | ||||
| 	if err != io.ErrUnexpectedEOF { | ||||
| 		t.Fatalf("expected %q, got %q", io.ErrUnexpectedEOF, err) | ||||
| 	} | ||||
| } | ||||
|  |  | |||
							
								
								
									
										
											BIN
										
									
								
								archive/tar/testdata/issue10968.tar
									
										
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								archive/tar/testdata/issue10968.tar
									
										
									
									
										vendored
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue