diff options
| author | David Chase <drchase@google.com> | 2022-08-24 15:53:40 -0400 |
|---|---|---|
| committer | David Chase <drchase@google.com> | 2022-08-29 01:35:52 +0000 |
| commit | 7f92ccea5ca5832a1dc63c02fc71db2d698f7915 (patch) | |
| tree | 22199ff6ec4e73dc26086f42234f50bdca46aa8a /src/debug | |
| parent | 846c378b8c0cebd2d8522a5693b45ca95b018a78 (diff) | |
| download | go-7f92ccea5ca5832a1dc63c02fc71db2d698f7915.tar.xz | |
debug/pe: check size in uint64 to avoid overflow
uint32(sz) != n*uint32(ddSz) can go wrong if
the RHS overflows, so do it in wider precision.
Fixes #54640.
Change-Id: I776563330e46de6cdacd4055f6ff08e7de67797f
Reviewed-on: https://go-review.googlesource.com/c/go/+/425364
Reviewed-by: Dan Kortschak <dan@kortschak.io>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Diffstat (limited to 'src/debug')
| -rw-r--r-- | src/debug/pe/file.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/debug/pe/file.go b/src/debug/pe/file.go index 9181ebdf15..7adf3e122e 100644 --- a/src/debug/pe/file.go +++ b/src/debug/pe/file.go @@ -603,8 +603,8 @@ func readOptionalHeader(r io.ReadSeeker, sz uint16) (any, error) { // its size and number of data directories as seen in optional header. // It parses the given size of bytes and returns given number of data directories. func readDataDirectories(r io.ReadSeeker, sz uint16, n uint32) ([]DataDirectory, error) { - ddSz := binary.Size(DataDirectory{}) - if uint32(sz) != n*uint32(ddSz) { + ddSz := uint64(binary.Size(DataDirectory{})) + if uint64(sz) != uint64(n)*ddSz { return nil, fmt.Errorf("size of data directories(%d) is inconsistent with number of data directories(%d)", sz, n) } |