diff options
author | Rob Pike <r@golang.org> | 2015-09-19 11:39:22 -0700 |
---|---|---|
committer | Rob Pike <r@golang.org> | 2015-09-20 04:46:08 +0000 |
commit | 7b5af511a51e5ca4ed751c8ce4c8eb40f5292e35 (patch) | |
tree | 33894e0ef6edbbac8dc3f59a608f3e500b0646d7 /src/bufio | |
parent | e643dc79d4d9c9d6cd680351a8d3aab5de531903 (diff) | |
download | go-7b5af511a51e5ca4ed751c8ce4c8eb40f5292e35.tar.gz go-7b5af511a51e5ca4ed751c8ce4c8eb40f5292e35.zip |
bufio: fix overflow calculation in Scan
I was being too clever, as usual. Write the obvious code to make sure
that when we grow the buffer we don't overflow.
Change-Id: I1641831177b0bb8a89ab6e9bcabccf6c2fcfe1d2
Reviewed-on: https://go-review.googlesource.com/14781
Reviewed-by: Minux Ma <minux@golang.org>
Diffstat (limited to 'src/bufio')
-rw-r--r-- | src/bufio/scan.go | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/src/bufio/scan.go b/src/bufio/scan.go index 4f06f9764f..0ec584b027 100644 --- a/src/bufio/scan.go +++ b/src/bufio/scan.go @@ -162,11 +162,13 @@ func (s *Scanner) Scan() bool { } // Is the buffer full? If so, resize. if s.end == len(s.buf) { - if len(s.buf) >= s.maxTokenSize { + // Guarantee no overflow in the multiplication below. + const maxInt = int(^uint(0) >> 1) + if len(s.buf) >= s.maxTokenSize || len(s.buf) > maxInt/2 { s.setErr(ErrTooLong) return false } - newSize := len(s.buf) * 2 // See protection against overflow in Buffer. + newSize := len(s.buf) * 2 if newSize == 0 { newSize = startBufSize } @@ -238,12 +240,6 @@ func (s *Scanner) Buffer(buf []byte, max int) { panic("Buffer called after Scan") } s.buf = buf[0:cap(buf)] - // Guarantee no overflow: we multiply len(s.buf) by two in Scan, - // but only if it exceeds maxTokenSize. - const maxInt = int(^uint(0) >> 1) - if max > maxInt { - max = maxInt - } s.maxTokenSize = max } |