From: Dan Kortschak <dan@kortschak.io>
Date: Wed, 24 Aug 2022 12:30:11 +0000 (+0930)
Subject: debug/macho: use saferio to read segment and section data
X-Git-Tag: go1.20rc1~1392
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=297e3de7a1416d2ccdadcf3bdc6c9d3776e2abd8;p=gostls13.git

debug/macho: use saferio to read segment and section data

Avoid allocating large amounts of memory for corrupt input.

No test case because the problem can only happen for invalid data.
Let the fuzzer find cases like this.

Change-Id: Ib09d5fea54aabcb6941e541b42689222fba69632
Reviewed-on: https://go-review.googlesource.com/c/go/+/425303
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Dan Kortschak <dan@kortschak.io>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: hopehook <hopehook@qq.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
---

diff --git a/src/debug/macho/file.go b/src/debug/macho/file.go
index b57dba8496..e6b170a7cd 100644
--- a/src/debug/macho/file.go
+++ b/src/debug/macho/file.go
@@ -13,6 +13,7 @@ import (
 	"debug/dwarf"
 	"encoding/binary"
 	"fmt"
+	"internal/saferio"
 	"io"
 	"os"
 	"strings"
@@ -73,12 +74,7 @@ type Segment struct {
 
 // Data reads and returns the contents of the segment.
 func (s *Segment) Data() ([]byte, error) {
-	dat := make([]byte, s.sr.Size())
-	n, err := s.sr.ReadAt(dat, 0)
-	if n == len(dat) {
-		err = nil
-	}
-	return dat[0:n], err
+	return saferio.ReadDataAt(s.sr, s.Filesz, 0)
 }
 
 // Open returns a new ReadSeeker reading the segment.
@@ -126,12 +122,7 @@ type Section struct {
 
 // Data reads and returns the contents of the Mach-O section.
 func (s *Section) Data() ([]byte, error) {
-	dat := make([]byte, s.sr.Size())
-	n, err := s.sr.ReadAt(dat, 0)
-	if n == len(dat) {
-		err = nil
-	}
-	return dat[0:n], err
+	return saferio.ReadDataAt(s.sr, s.Size, 0)
 }
 
 // Open returns a new ReadSeeker reading the Mach-O section.