From 9c3fc838ba982571e704c1674e9f97678f8a6e93 Mon Sep 17 00:00:00 2001
From: Rob Pike <r@golang.org>
Date: Thu, 25 Sep 2014 15:18:25 -0700
Subject: encoding/gob: error rather than panic when decoding enormous slices
 Fixes #8084.

LGTM=ruiu
R=golang-codereviews, ruiu
CC=golang-codereviews
https://golang.org/cl/142710043
---
 src/encoding/gob/decoder.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'src/encoding/gob/decoder.go')

diff --git a/src/encoding/gob/decoder.go b/src/encoding/gob/decoder.go
index 3a769ec125..dcad7a0e48 100644
--- a/src/encoding/gob/decoder.go
+++ b/src/encoding/gob/decoder.go
@@ -13,6 +13,11 @@ import (
 	"sync"
 )
 
+// tooBig provides a sanity check for sizes; used in several places.
+// Upper limit of 1GB, allowing room to grow a little without overflow.
+// TODO: make this adjustable?
+const tooBig = 1 << 30
+
 // A Decoder manages the receipt of type and data information read from the
 // remote side of a connection.
 type Decoder struct {
@@ -75,9 +80,7 @@ func (dec *Decoder) recvMessage() bool {
 		dec.err = err
 		return false
 	}
-	// Upper limit of 1GB, allowing room to grow a little without overflow.
-	// TODO: We might want more control over this limit.
-	if nbytes >= 1<<30 {
+	if nbytes >= tooBig {
 		dec.err = errBadCount
 		return false
 	}
-- 
cgit v1.3