debug/pe: use saferio to set symbol slice capacity

No test case because the problem can only happen for invalid data. Let the fuzzer find cases like this. For #47653 Fixes #53530 Change-Id: If1cebbbcabb188fec8be30ef043c8c4c935a9564 Reviewed-on: https://go-review.googlesource.com/c/go/+/413995 Run-TryBot: Ian Lance Taylor <iant@google.com> Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Alex Brainman <alex.brainman@gmail.com> Reviewed-by: Bryan Mills <bcmills@google.com>
author: Ian Lance Taylor <iant@golang.org> 2022-06-24 10:24:11 -0700
committer: Gopher Robot <gobot@golang.org> 2022-08-18 16:14:23 +0000
commit: 760c180d3bb2464b1e91402630c8f0d1e79180b3 (patch)
tree: 80d4cf24a2b5f2371bbe5eacc108ebfbcb11c9c7 /src/debug
parent: 924f526277c4deecfeb3ff3b48095126d1bb520e (diff)
download: go-760c180d3bb2464b1e91402630c8f0d1e79180b3.tar.xz
1 files changed, 13 insertions, 5 deletions
diff --git a/src/debug/pe/symbol.go b/src/debug/pe/symbol.go
index 86a1fbc301..0a5343f925 100644
--- a/src/debug/pe/symbol.go
+++ b/src/debug/pe/symbol.go
@@ -6,7 +6,9 @@ package pe
 
 import (
 	"encoding/binary"
+	"errors"
 	"fmt"
+	"internal/saferio"
 	"io"
 	"unsafe"
 )
@@ -57,29 +59,35 @@ func readCOFFSymbols(fh *FileHeader, r io.ReadSeeker) ([]COFFSymbol, error) {
 	if err != nil {
 		return nil, fmt.Errorf("fail to seek to symbol table: %v", err)
 	}
-	syms := make([]COFFSymbol, fh.NumberOfSymbols)
+	c := saferio.SliceCap(COFFSymbol{}, uint64(fh.NumberOfSymbols))
+	if c < 0 {
+		return nil, errors.New("too many symbols; file may be corrupt")
+	}
+	syms := make([]COFFSymbol, 0, c)
 	naux := 0
-	for k := range syms {
+	for k := uint32(0); k < fh.NumberOfSymbols; k++ {
+		var sym COFFSymbol
 		if naux == 0 {
 			// Read a primary symbol.
-			err = binary.Read(r, binary.LittleEndian, &syms[k])
+			err = binary.Read(r, binary.LittleEndian, &sym)
 			if err != nil {
 				return nil, fmt.Errorf("fail to read symbol table: %v", err)
 			}
 			// Record how many auxiliary symbols it has.
-			naux = int(syms[k].NumberOfAuxSymbols)
+			naux = int(sym.NumberOfAuxSymbols)
 		} else {
 			// Read an aux symbol. At the moment we assume all
 			// aux symbols are format 5 (obviously this doesn't always
 			// hold; more cases will be needed below if more aux formats
 			// are supported in the future).
 			naux--
-			aux := (*COFFSymbolAuxFormat5)(unsafe.Pointer(&syms[k]))
+			aux := (*COFFSymbolAuxFormat5)(unsafe.Pointer(&sym))
 			err = binary.Read(r, binary.LittleEndian, aux)
 			if err != nil {
 				return nil, fmt.Errorf("fail to read symbol table: %v", err)
 			}
 		}
+		syms = append(syms, sym)
 	}
 	if naux != 0 {
 		return nil, fmt.Errorf("fail to read symbol table: %d aux symbols unread", naux)
author	Ian Lance Taylor <iant@golang.org>	2022-06-24 10:24:11 -0700
committer	Gopher Robot <gobot@golang.org>	2022-08-18 16:14:23 +0000
commit	760c180d3bb2464b1e91402630c8f0d1e79180b3 (patch)
tree	80d4cf24a2b5f2371bbe5eacc108ebfbcb11c9c7 /src/debug
parent	924f526277c4deecfeb3ff3b48095126d1bb520e (diff)
download	go-760c180d3bb2464b1e91402630c8f0d1e79180b3.tar.xz