From 281eabe46f638139b8d85d87a359880dc0f8ea81 Mon Sep 17 00:00:00 2001
From: Joe Tsai <joetsai@digital-static.net>
Date: Tue, 6 Oct 2015 01:04:18 -0700
Subject: [PATCH] archive/tar: add missing error checks to Reader.Next

A recursive call to Reader.Next did not check the error before
trying to use the result, leading to a nil pointer panic.
This specific CL addresses the immediate issue, which is the panic,
but does not solve the root issue, which is due to an integer
overflow in the base-256 parser.

Updates #12435

Change-Id: Ia908671f0f411a409a35e24f2ebf740d46734072
Reviewed-on: https://go-review.googlesource.com/15437
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
---
 src/archive/tar/reader.go               |  14 ++++++++++----
 src/archive/tar/reader_test.go          |   8 ++++++++
 src/archive/tar/testdata/issue12435.tar | Bin 0 -> 512 bytes
 3 files changed, 18 insertions(+), 4 deletions(-)
 create mode 100644 src/archive/tar/testdata/issue12435.tar

diff --git a/src/archive/tar/reader.go b/src/archive/tar/reader.go
index 67db71540c..f38f8c8ce6 100644
--- a/src/archive/tar/reader.go
+++ b/src/archive/tar/reader.go
@@ -165,18 +165,24 @@ func (tr *Reader) Next() (*Header, error) {
 		if err != nil {
 			return nil, err
 		}
-		hdr, err := tr.Next()
+		hdr, tr.err = tr.Next()
+		if tr.err != nil {
+			return nil, tr.err
+		}
 		hdr.Name = cString(realname)
-		return hdr, err
+		return hdr, nil
 	case TypeGNULongLink:
 		// We have a GNU long link header.
 		realname, err := ioutil.ReadAll(tr)
 		if err != nil {
 			return nil, err
 		}
-		hdr, err := tr.Next()
+		hdr, tr.err = tr.Next()
+		if tr.err != nil {
+			return nil, tr.err
+		}
 		hdr.Linkname = cString(realname)
-		return hdr, err
+		return hdr, nil
 	}
 	return hdr, tr.err
 }
diff --git a/src/archive/tar/reader_test.go b/src/archive/tar/reader_test.go
index 4d065a9591..604d13f57b 100644
--- a/src/archive/tar/reader_test.go
+++ b/src/archive/tar/reader_test.go
@@ -300,6 +300,14 @@ var untarTests = []*untarTest{
 		file: "testdata/issue11169.tar",
 		// TODO(dsnet): Currently the library does not detect that this file is
 		// malformed. Instead it incorrectly believes that file just ends.
+		// At least the library doesn't crash anymore.
+		// err:  ErrHeader,
+	},
+	{
+		file: "testdata/issue12435.tar",
+		// TODO(dsnet): Currently the library does not detect that this file is
+		// malformed. Instead, it incorrectly believes that file just ends.
+		// At least the library doesn't crash anymore.
 		// err:  ErrHeader,
 	},
 }
diff --git a/src/archive/tar/testdata/issue12435.tar b/src/archive/tar/testdata/issue12435.tar
new file mode 100644
index 0000000000000000000000000000000000000000..3542dd8efd5d486b99ae03f39a56860af1c09af0
GIT binary patch
literal 512
lcmZQzpgs7{2(bf|=G;FWht&p9;C+0@6=oc2Mun*p0sxa^2!Q|q

literal 0
HcmV?d00001

-- 
2.50.0