From: Dave Cheney <dave@cheney.net>
Date: Tue, 30 Oct 2012 16:51:59 +0000 (+1100)
Subject: archive/zip: handle corrupt extra data records
X-Git-Tag: go1.1rc2~2031
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=640d818f2ada4997c6cea1ab435de625f5ef944a;p=gostls13.git

archive/zip: handle corrupt extra data records

Fixes #4302.

R=golang-dev, bradfitz, adg
CC=golang-dev
https://golang.org/cl/6811048
---

diff --git a/src/pkg/archive/zip/reader.go b/src/pkg/archive/zip/reader.go
index a6b049ec32..fed3988974 100644
--- a/src/pkg/archive/zip/reader.go
+++ b/src/pkg/archive/zip/reader.go
@@ -241,6 +241,9 @@ func readDirectoryHeader(f *File, r io.Reader) error {
 		for len(b) > 0 {
 			tag := b.uint16()
 			size := b.uint16()
+			if int(size) > len(b) {
+				return ErrFormat
+			}
 			if tag == zip64ExtraId {
 				// update directory values from the zip64 extra block
 				eb := readBuf(b)
diff --git a/src/pkg/archive/zip/zip_test.go b/src/pkg/archive/zip/zip_test.go
index 1d229d080a..54daf2482a 100644
--- a/src/pkg/archive/zip/zip_test.go
+++ b/src/pkg/archive/zip/zip_test.go
@@ -173,3 +173,37 @@ func TestZip64(t *testing.T) {
 		t.Errorf("UncompressedSize64 %d, want %d", got, want)
 	}
 }
+
+// Issue 4302.
+func TestInvalidExtraHedaer(t *testing.T) {
+	const timeFormat = "20060102T150405.000.txt"
+
+	var buf bytes.Buffer
+	z := NewWriter(&buf)
+
+	ts := time.Now()
+	filename := ts.Format(timeFormat)
+
+	h := FileHeader{
+		Name:   filename,
+		Method: Deflate,
+		Extra:  []byte(ts.Format(time.RFC3339Nano)), // missing tag and len
+	}
+	h.SetModTime(ts)
+
+	fh, err := z.CreateHeader(&h)
+	if err != nil {
+		t.Fatalf("error creating header: %v", err)
+	}
+	if _, err := fh.Write([]byte("hi")); err != nil {
+		t.Fatalf("error writing content: %v", err)
+	}
+	if err := z.Close(); err != nil {
+		t.Fatal("error closing zip writer: %v", err)
+	}
+
+	b := buf.Bytes()
+	if _, err = NewReader(bytes.NewReader(b), int64(len(b))); err == nil {
+		t.Fatal("expected ErrFormat")
+	}
+}