author | Rob Pike <r@golang.org> | 2014-09-25 15:18:25 -0700 |
---|---|---|
committer | Rob Pike <r@golang.org> | 2014-09-25 15:18:25 -0700 |
commit | 9c3fc838ba982571e704c1674e9f97678f8a6e93 (patch) | |
tree | 84f3d7cc73ba7f0ef253a9468f825d14853cf92b /src/encoding/gob/decode.go | |
parent | dff461f935523035d2f64dc80b1626a0644ab344 (diff) | |
encoding/gob: error rather than panic when decoding enormous slices
Fixes #8084.
LGTM=ruiu
R=golang-codereviews, ruiu
CC=golang-codereviews
https://golang.org/cl/142710043
Diffstat (limited to 'src/encoding/gob/decode.go')
-rw-r--r-- | src/encoding/gob/decode.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/encoding/gob/decode.go b/src/encoding/gob/decode.go
index 2367650c8b..502209a8a8 100644
--- a/src/encoding/gob/decode.go
+++ b/src/encoding/gob/decode.go
@@ -312,6 +312,9 @@ func decUint8Slice(i *decInstr, state *decoderState, value reflect.Value) {
 if n > state.b.Len() {
 errorf("%s data too long for buffer: %d", value.Type(), n)
 }
+ if n > tooBig {
+ errorf("byte slice too big: %d", n)
+ }
 if value.Cap() < n {
 value.Set(reflect.MakeSlice(value.Type(), n, n))
 } else {
@@ -539,8 +542,15 @@ func (dec *Decoder) decodeSlice(state *decoderState, value reflect.Value, elemOp
 // of interfaces, there will be buffer reloads.
 errorf("length of %s is negative (%d bytes)", value.Type(), u)
 }
+ typ := value.Type()
+ size := uint64(typ.Elem().Size())
+ // Take care with overflow in this calculation.
+ nBytes := u * size
+ if nBytes > tooBig || (size > 0 && nBytes/size != u) {
+ errorf("%s slice too big: %d elements of %d bytes", typ.Elem(), n, size)
+ }
 if value.Cap() < n {
- value.Set(reflect.MakeSlice(value.Type(), n, n))
+ value.Set(reflect.MakeSlice(typ, n, n))
 } else {
 value.Set(value.Slice(0, n))
 } |
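Review bot: The added `n > tooBig` check in decUint8Slice carries no comment, and because it sits after the `n > state.b.Len()` test it can only fire when the buffer itself already holds more than tooBig bytes. A one-line comment such as `// Bound the allocation even when the buffer really holds n bytes.` would record that intent for the next reader. The message also drops the type that the neighbouring error prints; `errorf("%s too big: %d bytes", value.Type(), n)` would keep the two consistent. The function body starts and ends outside the hunk, so how n is derived is not visible here.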
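Review bot: When the element type has size zero, the new guard in decodeSlice places no bound on the element count: `nBytes` is 0 and the overflow test is skipped by `size > 0`, so a length that appears to come from the decoded stream passes unchecked. The per-element decode loop is outside the hunk, but if it runs n times this leaves a CPU-exhaustion path for types such as `[]struct{}`; consider bounding the count as well, e.g. `if u > tooBig || (size > 0 && u > tooBig/size) {`. The division form also avoids the wrapping multiply, so the separate overflow test and its comment would no longer be needed. The message prints `n` while the check is made on `u`; the two agree only if the conversion check above the hunk rejects truncation.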