From: Sergey Matveev <stargrave@stargrave.org>
Date: Sun, 6 Oct 2024 10:04:04 +0000 (+0300)
Subject: Limit chunk's size too
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=e82c8b251e790fda1e93ade6250a8cd8bddc361f696a3d8e55e76dd73ee922e4;p=keks.git

Limit chunk's size too
---

diff --git a/cyac/iter.c b/cyac/iter.c
index 89f5ce9..ddb16c1 100644
--- a/cyac/iter.c
+++ b/cyac/iter.c
@@ -122,6 +122,9 @@ YACIterBlob(
     if (chunkLen == 0) {
         return YACErrBlobBadLen;
     }
+    if (chunkLen > ((uint64_t)(1) << 60)) {
+        return YACErrLenTooBig;
+    }
     atom->typ = YACItemChunkLen;
     err = cb(NULL, 0, 0, cbState, atom, off, buf, len);
     if (err != YACErrNo) {
diff --git a/gyac/dec.go b/gyac/dec.go
index 075804a..c805f52 100644
--- a/gyac/dec.go
+++ b/gyac/dec.go
@@ -269,11 +269,11 @@ func AtomDecode(buf []byte) (item *Item, off int, err error) {
 func DecodeItem(buf []byte) (item *Item, tail []byte, err error) {
 	var off int
 	item, off, err = AtomDecode(buf)
-	buf = buf[off:]
-	tail = buf
 	if err != nil {
 		return
 	}
+	buf = buf[off:]
+	tail = buf
 	switch ItemType(item.T) {
 	case ItemList:
 		var sub *Item
@@ -344,6 +344,10 @@ func DecodeItem(buf []byte) (item *Item, tail []byte, err error) {
 			err = ErrBlobBadLen
 			return
 		}
+		if sub.V.(uint64) > (1 << 60) {
+			err = ErrLenTooBig
+			return
+		}
 		chunkLen := int(sub.V.(uint64))
 		if chunkLen == 0 {
 			err = ErrBlobBadLen