From 375a80c9ef521404f1d972ad82719f90bc3a019f Mon Sep 17 00:00:00 2001 From: Ian Lance Taylor Date: Mon, 11 Jul 2022 18:50:03 -0700 Subject: [PATCH] go/internal/gcimporter: use saferio to read indexed data Avoid allocating large amounts of memory for corrupt input. No test case because the problem can only happen for invalid data. Let the fuzzer find cases like this. Fixes #53787 Change-Id: I1b75a4c000b8d1112110309ec44b0ba9b4638d71 Reviewed-on: https://go-review.googlesource.com/c/go/+/416861 Auto-Submit: Ian Lance Taylor TryBot-Result: Gopher Robot Run-TryBot: Ian Lance Taylor Reviewed-by: Ian Lance Taylor Reviewed-by: Dan Kortschak Reviewed-by: Matthew Dempsky --- src/go/internal/gcimporter/iimport.go | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/go/internal/gcimporter/iimport.go b/src/go/internal/gcimporter/iimport.go index f9eaa0b10c..cc0818dd9a 100644 --- a/src/go/internal/gcimporter/iimport.go +++ b/src/go/internal/gcimporter/iimport.go @@ -15,7 +15,9 @@ import ( "go/constant" "go/token" "go/types" + "internal/saferio" "io" + "math" "math/big" "sort" "strings" @@ -103,12 +105,16 @@ func iImportData(fset *token.FileSet, imports map[string]*types.Package, dataRea errorf("unknown iexport format version %d", version) } - sLen := int64(r.uint64()) - dLen := int64(r.uint64()) + sLen := r.uint64() + dLen := r.uint64() - data := make([]byte, sLen+dLen) - if _, err := io.ReadFull(r, data); err != nil { - errorf("cannot read %d bytes of stringData and declData: %s", len(data), err) + if sLen > math.MaxUint64-dLen { + errorf("lengths out of range (%d, %d)", sLen, dLen) + } + + data, err := saferio.ReadData(r, sLen+dLen) + if err != nil { + errorf("cannot read %d bytes of stringData and declData: %s", sLen+dLen, err) } stringData := data[:sLen] declData := data[sLen:] -- 2.48.1