diff options
| author | Ian Lance Taylor <iant@golang.org> | 2022-09-22 21:17:05 -0700 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2022-09-25 01:18:43 +0000 |
| commit | a0441c7ae3dea57a0553c9ea77e184c34b7da40f (patch) | |
| tree | fb5c5f7313d43568152335a5570da5665057dede /src/debug | |
| parent | 336ce966e439a269fe5088cc7564181c5b866b61 (diff) | |
| download | go-a0441c7ae3dea57a0553c9ea77e184c34b7da40f.tar.xz | |
encoding/gob: use saferio.SliceCap when decoding a slice
This avoids allocating an overly large slice for corrupt input.
Change the saferio.SliceCap function to take a pointer to the element type,
so that we can handle slices of interface types. This revealed that a
couple of existing calls were actually incorrect, passing the slice type
rather than the element type.
No test case because the problem can only happen for invalid data. Let
the fuzzer find cases like this.
Fixes #55338
Change-Id: I3c1724183cc275d4981379773b0b8faa01a9cbd2
Reviewed-on: https://go-review.googlesource.com/c/go/+/433296
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Daniel Martà <mvdan@mvdan.cc>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Diffstat (limited to 'src/debug')
| -rw-r--r-- | src/debug/macho/fat.go | 2 | ||||
| -rw-r--r-- | src/debug/macho/file.go | 4 | ||||
| -rw-r--r-- | src/debug/pe/symbol.go | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/src/debug/macho/fat.go b/src/debug/macho/fat.go index 7dc03fa79a..679cefb313 100644 --- a/src/debug/macho/fat.go +++ b/src/debug/macho/fat.go @@ -86,7 +86,7 @@ func NewFatFile(r io.ReaderAt) (*FatFile, error) { // Following the fat_header comes narch fat_arch structs that index // Mach-O images further in the file. - c := saferio.SliceCap(FatArch{}, uint64(narch)) + c := saferio.SliceCap((*FatArch)(nil), uint64(narch)) if c < 0 { return nil, &FormatError{offset, "too many images", nil} } diff --git a/src/debug/macho/file.go b/src/debug/macho/file.go index 3c95803371..0c6488d349 100644 --- a/src/debug/macho/file.go +++ b/src/debug/macho/file.go @@ -253,7 +253,7 @@ func NewFile(r io.ReaderAt) (*File, error) { if err != nil { return nil, err } - c := saferio.SliceCap([]Load{}, uint64(f.Ncmd)) + c := saferio.SliceCap((*Load)(nil), uint64(f.Ncmd)) if c < 0 { return nil, &FormatError{offset, "too many load commands", nil} } @@ -460,7 +460,7 @@ func NewFile(r io.ReaderAt) (*File, error) { func (f *File) parseSymtab(symdat, strtab, cmddat []byte, hdr *SymtabCmd, offset int64) (*Symtab, error) { bo := f.ByteOrder - c := saferio.SliceCap([]Symbol{}, uint64(hdr.Nsyms)) + c := saferio.SliceCap((*Symbol)(nil), uint64(hdr.Nsyms)) if c < 0 { return nil, &FormatError{offset, "too many symbols", nil} } diff --git a/src/debug/pe/symbol.go b/src/debug/pe/symbol.go index 0a5343f925..b1654f8726 100644 --- a/src/debug/pe/symbol.go +++ b/src/debug/pe/symbol.go @@ -59,7 +59,7 @@ func readCOFFSymbols(fh *FileHeader, r io.ReadSeeker) ([]COFFSymbol, error) { if err != nil { return nil, fmt.Errorf("fail to seek to symbol table: %v", err) } - c := saferio.SliceCap(COFFSymbol{}, uint64(fh.NumberOfSymbols)) + c := saferio.SliceCap((*COFFSymbol)(nil), uint64(fh.NumberOfSymbols)) if c < 0 { return nil, errors.New("too many symbols; file may be corrupt") } |