archive/tar: don't panic on negative file size
authorHÃ¥vard Haugen <havard.haugen@gmail.com>
Wed, 27 May 2015 08:44:44 +0000 (10:44 +0200)
committerDavid Symonds <dsymonds@golang.org>
Wed, 27 May 2015 11:52:04 +0000 (11:52 +0000)
Fixes #10959.
Fixes #10960.

Change-Id: I9a81a0e2b8275338d0d1c3f7f7265e0fd91f3de2
Reviewed-on: https://go-review.googlesource.com/10402
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: David Symonds <dsymonds@golang.org>
src/archive/tar/reader.go
src/archive/tar/reader_test.go
src/archive/tar/testdata/neg-size.tar [new file with mode: 0644]

index abd8f148a787499024802272adc900c3aa48e284..cd23fb57d6b12eb94d1129b927833549b5001088 100644 (file)
@@ -463,6 +463,10 @@ func (tr *Reader) readHeader() *Header {
        hdr.Uid = int(tr.octal(s.next(8)))
        hdr.Gid = int(tr.octal(s.next(8)))
        hdr.Size = tr.octal(s.next(12))
+       if hdr.Size < 0 {
+               tr.err = ErrHeader
+               return nil
+       }
        hdr.ModTime = time.Unix(tr.octal(s.next(12)), 0)
        s.next(8) // chksum
        hdr.Typeflag = s.next(1)[0]
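Review bot: The new `hdr.Size < 0` guard in readHeader has no comment saying what it protects, and it only validates the size parsed from this header block. A comment such as `// A negative size would later be used as a length when skipping or reading the entry body; reject it as a malformed header.` would keep the check from being removed as dead code, assuming that is how Size is consumed further down. If any later path can overwrite hdr.Size (for example an extended-header merge, which is not visible here), it needs the same rejection. readHeader begins and ends outside this hunk, so whether tr.err is already set by tr.octal at this point cannot be confirmed from the visible lines.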
index 9601ffe459767b2b0a585331b1008eab0b747829..ab1e8445a425d1aee5d3b912c1a0fcf425f90bee 100644 (file)
@@ -741,3 +741,19 @@ func TestUninitializedRead(t *testing.T) {
        }
 
 }
+
+// Negative header size should not cause panic.
+// Issues 10959 and 10960.
+func TestNegativeHdrSize(t *testing.T) {
+       f, err := os.Open("testdata/neg-size.tar")
+       if err != nil {
+               t.Fatal(err)
+       }
+       defer f.Close()
+       r := NewReader(f)
+       _, err = r.Next()
+       if err != ErrHeader {
+               t.Error("want ErrHeader, got", err)
+       }
+       io.Copy(ioutil.Discard, r)
+}
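Review bot: The trailing `io.Copy(ioutil.Discard, r)` in TestNegativeHdrSize discards both return values and carries no comment, so it reads like leftover code rather than the second half of the regression test. If its purpose is to show that Read does not panic after Next has failed, say so with `// Reading after the failed Next must not panic either.` directly above it. Checking the result would make the test stricter, for instance `if n, _ := io.Copy(ioutil.Discard, r); n != 0 { t.Errorf("read %d bytes after ErrHeader", n) }`, provided zero bytes is the intended contract for a reader in the error state.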
diff --git a/src/archive/tar/testdata/neg-size.tar b/src/archive/tar/testdata/neg-size.tar
new file mode 100644 (file)
index 0000000..5deea3d
Binary files /dev/null and b/src/archive/tar/testdata/neg-size.tar differ