forked from mirrors/tar-split
		
	archive/tar: fix slice bounds out of range
Sanity check the pax-header size field before using it. Fixes #11167. Change-Id: I9d5d0210c3990e6fb9434c3fe333be0d507d5962 Reviewed-on: https://go-review.googlesource.com/10954 Reviewed-by: David Symonds <dsymonds@golang.org> Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
This commit is contained in:
		
							parent
							
								
									55dceefe42
								
							
						
					
					
						commit
						69de764807
					
				
					 2 changed files with 9 additions and 4 deletions
				
			
		|  | @ -397,7 +397,7 @@ func parsePAX(r io.Reader) (map[string]string, error) { | |||
| 		} | ||||
| 		// Parse the first token as a decimal integer. | ||||
| 		n, err := strconv.ParseInt(string(buf[:sp]), 10, 0) | ||||
| 		if err != nil { | ||||
| 		if err != nil || n < 5 || int64(len(buf)) < n { | ||||
| 			return nil, ErrHeader | ||||
| 		} | ||||
| 		// Extract everything between the decimal and the n -1 on the | ||||
|  |  | |||
|  | @ -462,9 +462,14 @@ func TestParsePAXHeader(t *testing.T) { | |||
| 			t.Error("Buffer wasn't consumed") | ||||
| 		} | ||||
| 	} | ||||
| 	badHeader := bytes.NewReader([]byte("3 somelongkey=")) | ||||
| 	if _, err := parsePAX(badHeader); err != ErrHeader { | ||||
| 		t.Fatal("Unexpected success when parsing bad header") | ||||
| 	badHeaderTests := [][]byte{ | ||||
| 		[]byte("3 somelongkey=\n"), | ||||
| 		[]byte("50 tooshort=\n"), | ||||
| 	} | ||||
| 	for _, test := range badHeaderTests { | ||||
| 		if _, err := parsePAX(bytes.NewReader(test)); err != ErrHeader { | ||||
| 			t.Fatal("Unexpected success when parsing bad header") | ||||
| 		} | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue