forked from mirrors/tar-split
cf83c95de8
Motivation: * The logic to verify the numEntries can overflow and incorrectly pass, allowing a malicious file to allocate arbitrary memory. * The use of strconv.ParseInt does not set the integer precision to 64bit, causing this code to work incorrectly on 32bit machines. Change-Id: I1b1571a750a84f2dde97cc329ed04fe2342aaa60 Reviewed-on: https://go-review.googlesource.com/15173 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> |
||
---|---|---|
.. | ||
testdata | ||
common.go | ||
example_test.go | ||
reader.go | ||
reader_test.go | ||
stat_atim.go | ||
stat_atimespec.go | ||
stat_unix.go | ||
tar_test.go | ||
writer.go | ||
writer_test.go |