diff options
| author | Daniel Martí <mvdan@mvdan.cc> | 2022-09-22 13:35:08 +0100 |
|---|---|---|
| committer | Daniel Martí <mvdan@mvdan.cc> | 2022-10-04 13:27:35 +0000 |
| commit | cbd931c9c2705e0e3a44c3b299ac2bd3369f5eb5 (patch) | |
| tree | 9b9472303a85f76f9056ab68334f312217b49b79 /src/encoding | |
| parent | 6d8ec893039a39f495c8139012e47754e4518b70 (diff) | |
| download | go-cbd931c9c2705e0e3a44c3b299ac2bd3369f5eb5.tar.xz | |
encoding/gob: prevent a decoder state overflow
When decoding a struct, if a positive delta is large enough to overflow
when added to fieldnum, we would panic due to the resulting negative index.
Instead, catch this problem and produce an error like we do with
negative delta integers. If fieldnum ends up being negative or smaller
than state.fieldnum, the addition overflowed.
While here, remove an unnecessary break after an error call,
since those error functions cause a panic.
Fixes #55337.
Change-Id: I7a0e4f43e5c81a703e79c1597e3bb3714cc832c8
Reviewed-on: https://go-review.googlesource.com/c/go/+/432715
Reviewed-by: Rob Pike <r@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Daniel Martí <mvdan@mvdan.cc>
TryBot-Result: Gopher Robot <gobot@golang.org>
Diffstat (limited to 'src/encoding')
| -rw-r--r-- | src/encoding/gob/decode.go | 5 | ||||
| -rw-r--r-- | src/encoding/gob/encoder_test.go | 13 |
2 files changed, 15 insertions, 3 deletions
diff --git a/src/encoding/gob/decode.go b/src/encoding/gob/decode.go index 480832ca4f..316565adb2 100644 --- a/src/encoding/gob/decode.go +++ b/src/encoding/gob/decode.go @@ -450,11 +450,10 @@ func (dec *Decoder) decodeStruct(engine *decEngine, value reflect.Value) { if delta == 0 { // struct terminator is zero delta fieldnum break } - fieldnum := state.fieldnum + delta - if fieldnum >= len(engine.instr) { + if state.fieldnum >= len(engine.instr)-delta { // subtract to compare without overflow error_(errRange) - break } + fieldnum := state.fieldnum + delta instr := &engine.instr[fieldnum] var field reflect.Value if instr.index != nil { diff --git a/src/encoding/gob/encoder_test.go b/src/encoding/gob/encoder_test.go index 6934841b3a..484be43c47 100644 --- a/src/encoding/gob/encoder_test.go +++ b/src/encoding/gob/encoder_test.go @@ -1265,3 +1265,16 @@ func TestDecodePartial(t *testing.T) { } } } + +func TestDecoderOverflow(t *testing.T) { + // Issue 55337. + dec := NewDecoder(bytes.NewReader([]byte{ + 0x12, 0xff, 0xff, 0x2, 0x2, 0x20, 0x0, 0xf8, 0x7f, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x20, 0x20, 0x20, 0x20, 0x20, + })) + var r interface{} + err := dec.Decode(r) + if err == nil { + t.Fatalf("expected an error") + } +} |