]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 846c378)
debug/pe: check size in uint64 to avoid overflow
authorDavid Chase <drchase@google.com>
Wed, 24 Aug 2022 19:53:40 +0000 (15:53 -0400)
committerDavid Chase <drchase@google.com>
Mon, 29 Aug 2022 01:35:52 +0000 (01:35 +0000)
uint32(sz) != n*uint32(ddSz) can go wrong if
the RHS overflows, so do it in wider precision.

Fixes #54640.

Change-Id: I776563330e46de6cdacd4055f6ff08e7de67797f
Reviewed-on: https://go-review.googlesource.com/c/go/+/425364
Reviewed-by: Dan Kortschak <dan@kortschak.io>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>

src/debug/pe/file.go patch | blob | history

diff --git a/src/debug/pe/file.go b/src/debug/pe/file.go
index 9181ebdf1521c80da6d34e57ccfd83adb0e32532..7adf3e122e7b742eb9a82faef591b229f87190bd 100644 (file)
--- a/src/debug/pe/file.go
+++ b/src/debug/pe/file.go
@@ -603,8 +603,8 @@ func readOptionalHeader(r io.ReadSeeker, sz uint16) (any, error) {
 // its size and number of data directories as seen in optional header.
 // It parses the given size of bytes and returns given number of data directories.
 func readDataDirectories(r io.ReadSeeker, sz uint16, n uint32) ([]DataDirectory, error) {
-       ddSz := binary.Size(DataDirectory{})
-       if uint32(sz) != n*uint32(ddSz) {
+       ddSz := uint64(binary.Size(DataDirectory{}))
+       if uint64(sz) != uint64(n)*ddSz {
                return nil, fmt.Errorf("size of data directories(%d) is inconsistent with number of data directories(%d)", sz, n)
        }
 
Go GOST TLS 1.3