
Unified Diff: src/pkg/archive/zip/reader.go

Issue 6811080: code review 6811080: archive/zip: Fix bounds check panic for ZIP files with ...
Patch Set: diff -r ad0d92901061 https://code.google.com/p/go Created 12 years, 11 months ago
Index: src/pkg/archive/zip/reader.go
===================================================================
--- a/src/pkg/archive/zip/reader.go
+++ b/src/pkg/archive/zip/reader.go
@@ -238,7 +238,7 @@
if len(f.Extra) > 0 {
b := readBuf(f.Extra)
- for len(b) > 0 {
+ for len(b) > 4 { // need at least tag and size
tag := b.uint16()
size := b.uint16()
if int(size) > len(b) {
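Review bot: The new loop condition `for len(b) > 4` is off by one against its own comment. Tag and size are two `b.uint16()` reads, 4 bytes in total, so a remaining record of exactly 4 bytes (tag plus a size of 0, no data) never enters the loop. With the `len(b) != 0` check this patch adds after the loop, an extra field that ends in such a record is rejected with `ErrFormat`. Suggest `for len(b) >= 4`, which still guarantees both reads have the bytes they consume.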
@@ -259,6 +259,10 @@
}
b = b[size:]
}
+ // Should have consumed the whole header.
+ if len(b) != 0 {
+ return ErrFormat
+ }
}
return nil
}
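Review bot: The `if len(b) != 0` check after the loop turns every leftover byte count into a hard `ErrFormat`, and its comment does not say which leftovers are meant. Because the loop stops at `len(b) > 4`, the check fires for 1 to 4 remaining bytes, so a final record that is only a tag and a zero size is reported as a format error alongside a genuinely truncated one. Suggest having the comment state that fewer than 4 leftover bytes cannot hold a tag and size, saying "extra field" rather than "header", and covering both the 1-to-3-byte and the exactly-4-byte cases in zip_test.go.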