Commit 553f45a6 authored by Brad Fitzpatrick's avatar Brad Fitzpatrick

archive/zip: sanity check the TOC's declared number of files

Fixes #10956

Change-Id: If8517094f04250c4f722e1e899a237eb6e170eb9
Reviewed-on: https://go-review.googlesource.com/10421
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: default avatarAndrew Gerrand <adg@golang.org>
parent 05d8f1d1
...@@ -8,6 +8,7 @@ import ( ...@@ -8,6 +8,7 @@ import (
"bufio" "bufio"
"encoding/binary" "encoding/binary"
"errors" "errors"
"fmt"
"hash" "hash"
"hash/crc32" "hash/crc32"
"io" "io"
...@@ -77,6 +78,9 @@ func (z *Reader) init(r io.ReaderAt, size int64) error { ...@@ -77,6 +78,9 @@ func (z *Reader) init(r io.ReaderAt, size int64) error {
if err != nil { if err != nil {
return err return err
} }
if end.directoryRecords > uint64(size)/fileHeaderLen {
return fmt.Errorf("archive/zip: TOC declares impossible %d files in %d byte zip", end.directoryRecords, size)
}
z.r = r z.r = r
z.File = make([]*File, 0, end.directoryRecords) z.File = make([]*File, 0, end.directoryRecords)
z.Comment = end.comment z.Comment = end.comment
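Review bot: `uint64(size)` in the added guard turns a negative `size` into a very large value, so the bound would no longer limit `end.directoryRecords` before it becomes the capacity in `make([]*File, 0, end.directoryRecords)`. Whether a negative size can get past the earlier call that produced `end` is not visible here, because init starts and continues outside the hunk. Writing the guard as `if size < 0 || end.directoryRecords > uint64(size)/fileHeaderLen {` would make the check self-contained. A short comment such as `// directoryRecords comes from the archive and is untrusted; bound it before preallocating z.File.` would also record why the guard sits ahead of the allocation.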
......
...@@ -551,10 +551,7 @@ func TestIssue10957(t *testing.T) { ...@@ -551,10 +551,7 @@ func TestIssue10957(t *testing.T) {
"\v\x00\x00\x00\x00\x00") "\v\x00\x00\x00\x00\x00")
z, err := NewReader(bytes.NewReader(data), int64(len(data))) z, err := NewReader(bytes.NewReader(data), int64(len(data)))
if err != nil { if err != nil {
if z != nil { t.Fatal(err)
panic("non nil z")
}
return
} }
for i, f := range z.File { for i, f := range z.File {
r, err := f.Open() r, err := f.Open()
...@@ -573,3 +570,15 @@ func TestIssue10957(t *testing.T) { ...@@ -573,3 +570,15 @@ func TestIssue10957(t *testing.T) {
r.Close() r.Close()
} }
} }
// Verify the number of files is sane.
func TestIssue10956(t *testing.T) {
data := []byte("PK\x06\x06PK\x06\a0000\x00\x00\x00\x00\x00\x00\x00\x00" +
"0000PK\x05\x06000000000000" +
"0000\v\x00000\x00\x00\x00\x00\x00\x00\x000")
_, err := NewReader(bytes.NewReader(data), int64(len(data)))
const want = "TOC declares impossible 3472328296227680304 files in 57 byte"
if err == nil && !strings.Contains(err.Error(), want) {
t.Errorf("error = %v; want %q", err, want)
}
}
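Review bot: The condition in TestIssue10956, `err == nil && !strings.Contains(err.Error(), want)`, can never reach `t.Errorf`. When `err` is nil it calls `err.Error()` on a nil interface and panics, and when `err` is non-nil the `&&` short-circuits, so the message is never compared with `want`. It should read `if err == nil || !strings.Contains(err.Error(), want) {` so that both a missing error and an unexpected message fail the test. As written, the test passes for any non-nil error from NewReader, so it does not pin the new file-count check.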