diff options
| author | Ian Lance Taylor <iant@golang.org> | 2022-06-23 15:57:10 -0700 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2022-08-17 03:08:49 +0000 |
| commit | 7adfa82726280371bb4dfc710dc4168dfd9de703 (patch) | |
| tree | c2f66cbaf63ea52832c65869f9063bc030548f4a /src/debug | |
| parent | 71424806fa76d5b5d1b2492741d2564664af136c (diff) | |
| download | go-7adfa82726280371bb4dfc710dc4168dfd9de703.tar.xz | |
debug/macho, internal/saferio: limit slice allocation
Don't allocate slices that are too large; choose a smaller capacity
and build the slice using append. Use this in debug/macho to avoid
over-allocating if a fat header is incorrect.
No debug/macho test case because the problem can only happen for
invalid data. Let the fuzzer find cases like this.
For #47653
Fixes #52523
Change-Id: I372c9cdbdda8626a3225e79d713650beb350ebc7
Reviewed-on: https://go-review.googlesource.com/c/go/+/413874
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Diffstat (limited to 'src/debug')
| -rw-r--r-- | src/debug/macho/fat.go | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/debug/macho/fat.go b/src/debug/macho/fat.go index 6bd730dc0b..775beaf12c 100644 --- a/src/debug/macho/fat.go +++ b/src/debug/macho/fat.go @@ -7,6 +7,7 @@ package macho import ( "encoding/binary" "fmt" + "internal/saferio" "io" "os" ) @@ -85,9 +86,13 @@ func NewFatFile(r io.ReaderAt) (*FatFile, error) { // Following the fat_header comes narch fat_arch structs that index // Mach-O images further in the file. - ff.Arches = make([]FatArch, narch) + c := saferio.SliceCap(FatArch{}, uint64(narch)) + if c < 0 { + return nil, &FormatError{offset, "too many images", nil} + } + ff.Arches = make([]FatArch, 0, c) for i := uint32(0); i < narch; i++ { - fa := &ff.Arches[i] + var fa FatArch err = binary.Read(sr, binary.BigEndian, &fa.FatArchHeader) if err != nil { return nil, &FormatError{offset, "invalid fat_arch header", nil} @@ -115,6 +120,8 @@ func NewFatFile(r io.ReaderAt) (*FatFile, error) { return nil, &FormatError{offset, fmt.Sprintf("Mach-O type for architecture #%d (type=%#x) does not match first (type=%#x)", i, fa.Type, machoType), nil} } } + + ff.Arches = append(ff.Arches, fa) } return &ff, nil |