diff options
| author | Joe Tsai <joetsai@digital-static.net> | 2015-10-06 01:04:18 -0700 |
|---|---|---|
| committer | Brad Fitzpatrick <bradfitz@golang.org> | 2015-10-06 17:13:11 +0000 |
| commit | 281eabe46f638139b8d85d87a359880dc0f8ea81 (patch) | |
| tree | fd300be45a1d86069d25285e2812437d2d5ff01e /src | |
| parent | 01ecd41688d0e2441cc8cb755f514807ef966821 (diff) | |
| download | go-281eabe46f638139b8d85d87a359880dc0f8ea81.tar.xz | |
archive/tar: add missing error checks to Reader.Next
A recursive call to Reader.Next did not check the error before
trying to use the result, leading to a nil pointer panic.
This specific CL addresses the immediate issue, which is the panic,
but does not solve the root issue, which is due to an integer
overflow in the base-256 parser.
Updates #12435
Change-Id: Ia908671f0f411a409a35e24f2ebf740d46734072
Reviewed-on: https://go-review.googlesource.com/15437
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/archive/tar/reader.go | 14 | ||||
| -rw-r--r-- | src/archive/tar/reader_test.go | 8 | ||||
| -rw-r--r-- | src/archive/tar/testdata/issue12435.tar | bin | 0 -> 512 bytes |
3 files changed, 18 insertions, 4 deletions
diff --git a/src/archive/tar/reader.go b/src/archive/tar/reader.go index 67db71540c..f38f8c8ce6 100644 --- a/src/archive/tar/reader.go +++ b/src/archive/tar/reader.go @@ -165,18 +165,24 @@ func (tr *Reader) Next() (*Header, error) { if err != nil { return nil, err } - hdr, err := tr.Next() + hdr, tr.err = tr.Next() + if tr.err != nil { + return nil, tr.err + } hdr.Name = cString(realname) - return hdr, err + return hdr, nil case TypeGNULongLink: // We have a GNU long link header. realname, err := ioutil.ReadAll(tr) if err != nil { return nil, err } - hdr, err := tr.Next() + hdr, tr.err = tr.Next() + if tr.err != nil { + return nil, tr.err + } hdr.Linkname = cString(realname) - return hdr, err + return hdr, nil } return hdr, tr.err } diff --git a/src/archive/tar/reader_test.go b/src/archive/tar/reader_test.go index 4d065a9591..604d13f57b 100644 --- a/src/archive/tar/reader_test.go +++ b/src/archive/tar/reader_test.go @@ -300,6 +300,14 @@ var untarTests = []*untarTest{ file: "testdata/issue11169.tar", // TODO(dsnet): Currently the library does not detect that this file is // malformed. Instead it incorrectly believes that file just ends. + // At least the library doesn't crash anymore. + // err: ErrHeader, + }, + { + file: "testdata/issue12435.tar", + // TODO(dsnet): Currently the library does not detect that this file is + // malformed. Instead, it incorrectly believes that file just ends. + // At least the library doesn't crash anymore. // err: ErrHeader, }, } diff --git a/src/archive/tar/testdata/issue12435.tar b/src/archive/tar/testdata/issue12435.tar Binary files differnew file mode 100644 index 0000000000..3542dd8efd --- /dev/null +++ b/src/archive/tar/testdata/issue12435.tar |