diff options
author | Rob Pike <r@golang.org> | 2015-04-08 13:17:57 -0700 |
---|---|---|
committer | Rob Pike <r@golang.org> | 2015-04-09 17:02:19 +0000 |
commit | d64617fc0a537d9783f03ef5c97eaee7d0e7de17 (patch) | |
tree | 25e2da4d2aafa945a9670c47c4dd4068f100a896 /src/encoding/gob/decode.go | |
parent | ee349b5d771b1c3e58f77b07e200a0a630667f22 (diff) | |
download | go-d64617fc0a537d9783f03ef5c97eaee7d0e7de17.tar.gz go-d64617fc0a537d9783f03ef5c97eaee7d0e7de17.zip |
encoding/gob: more checks for corrupted data
Also unify the tests where possible to make it easy to add more.
Fixes #10273.
Change-Id: Idfa4f4a5dcaa05974066bafe17bed6cdd2ebedb7
Reviewed-on: https://go-review.googlesource.com/8662
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Diffstat (limited to 'src/encoding/gob/decode.go')
-rw-r--r-- | src/encoding/gob/decode.go | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/encoding/gob/decode.go b/src/encoding/gob/decode.go index 3f34cbac57..40dcc8eb7e 100644 --- a/src/encoding/gob/decode.go +++ b/src/encoding/gob/decode.go @@ -682,7 +682,11 @@ func (dec *Decoder) decodeInterface(ityp reflect.Type, state *decoderState, valu // ignoreInterface discards the data for an interface value with no destination. func (dec *Decoder) ignoreInterface(state *decoderState) { // Read the name of the concrete type. - b := make([]byte, state.decodeUint()) + n, ok := state.getLength() + if !ok { + errorf("bad interface encoding: name too large for buffer") + } + b := make([]byte, n) _, err := state.b.Read(b) if err != nil { error_(err) @@ -692,9 +696,9 @@ func (dec *Decoder) ignoreInterface(state *decoderState) { error_(dec.err) } // At this point, the decoder buffer contains a delimited value. Just toss it. - n, ok := state.getLength() + n, ok = state.getLength() if !ok { - errorf("bad interface encoding: length too large for buffer") + errorf("bad interface encoding: data length too large for buffer") } state.b.Drop(n) } @@ -703,7 +707,11 @@ func (dec *Decoder) ignoreInterface(state *decoderState) { // The data is encoded as a byte slice. func (dec *Decoder) decodeGobDecoder(ut *userTypeInfo, state *decoderState, value reflect.Value) { // Read the bytes for the value. - b := make([]byte, state.decodeUint()) + n, ok := state.getLength() + if !ok { + errorf("GobDecoder: length too large for buffer") + } + b := make([]byte, n) _, err := state.b.Read(b) if err != nil { error_(err) @@ -725,7 +733,11 @@ func (dec *Decoder) decodeGobDecoder(ut *userTypeInfo, state *decoderState, valu // ignoreGobDecoder discards the data for a GobDecoder value with no destination. func (dec *Decoder) ignoreGobDecoder(state *decoderState) { // Read the bytes for the value. - b := make([]byte, state.decodeUint()) + n, ok := state.getLength() + if !ok { + errorf("GobDecoder: length too large for buffer") + } + b := make([]byte, n) _, err := state.b.Read(b) if err != nil { error_(err) |