]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 158c56e)
compress/flate: fix infinite loop on malformed data
authorRuss Cox <rsc@golang.org>
Wed, 9 Oct 2013 12:37:06 +0000 (08:37 -0400)
committerRuss Cox <rsc@golang.org>
Wed, 9 Oct 2013 12:37:06 +0000 (08:37 -0400)
Test using compress/gzip, because that's how the
data arrived.

Fixes #6550.

R=golang-dev, r
CC=golang-dev
https://golang.org/cl/14441051

src/pkg/compress/flate/inflate.go patch | blob | history
src/pkg/compress/gzip/gunzip_test.go patch | blob | history
src/pkg/compress/gzip/testdata/issue6550.gz [new file with mode: 0644] patch | blob

diff --git a/src/pkg/compress/flate/inflate.go b/src/pkg/compress/flate/inflate.go
index 34ba00d5af7c137f39d68e8822e583ad06afb787..3eb3b2b83e6d224670f03286418dbfb22d1fe67d 100644 (file)
--- a/src/pkg/compress/flate/inflate.go
+++ b/src/pkg/compress/flate/inflate.go
@@ -644,6 +644,10 @@ func (f *decompressor) huffSym(h *huffmanDecoder) (int, error) {
                if n > huffmanChunkBits {
                        chunk = h.links[chunk>>huffmanValueShift][(f.b>>huffmanChunkBits)&h.linkMask]
                        n = uint(chunk & huffmanCountMask)
+                       if n == 0 {
+                               f.err = CorruptInputError(f.roffset)
+                               return 0, f.err
+                       }
                }
                if n <= f.nb {
                        f.b >>= n
diff --git a/src/pkg/compress/gzip/gunzip_test.go b/src/pkg/compress/gzip/gunzip_test.go
index a1333580dc006c62fb6589e608b2a97e28fcfa75..572fb584885fbfd35e73abfe2f84e3b938ecf6f2 100644 (file)
--- a/src/pkg/compress/gzip/gunzip_test.go
+++ b/src/pkg/compress/gzip/gunzip_test.go
@@ -7,7 +7,10 @@ package gzip
 import (
        "bytes"
        "io"
+       "io/ioutil"
+       "os"
        "testing"
+       "time"
 )
 
 type gunzipTest struct {
@@ -302,3 +305,31 @@ func TestDecompressor(t *testing.T) {
                }
        }
 }
+
+func TestIssue6550(t *testing.T) {
+       f, err := os.Open("testdata/issue6550.gz")
+       if err != nil {
+               t.Fatal(err)
+       }
+       gzip, err := NewReader(f)
+       if err != nil {
+               t.Fatalf("NewReader(testdata/issue6550.gz): %v", err)
+       }
+       defer gzip.Close()
+       done := make(chan bool, 1)
+       go func() {
+               _, err := io.Copy(ioutil.Discard, gzip)
+               if err == nil {
+                       t.Errorf("Copy succeeded")
+               } else {
+                       t.Logf("Copy failed (correctly): %v", err)
+               }
+               done <- true
+       }()
+       select {
+       case <-time.After(1 * time.Second):
+               t.Errorf("Copy hung")
+       case <-done:
+               // ok
+       }
+}
diff --git a/src/pkg/compress/gzip/testdata/issue6550.gz b/src/pkg/compress/gzip/testdata/issue6550.gz
new file mode 100644 (file)
index 0000000..57972b6
Binary files /dev/null and b/src/pkg/compress/gzip/testdata/issue6550.gz differ
Go GOST TLS 1.3