Skip to content

Commit a77f858

Browse files
phbnfphbnf
committed
add int size checks
1 parent f630435 commit a77f858

File tree

1 file changed

+13
-0
lines changed

1 file changed

+13
-0
lines changed

internal/types/tls/tls.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ import (
2222
"bytes"
2323
"encoding/binary"
2424
"fmt"
25+
"math"
2526
"reflect"
2627
"strconv"
2728
"strings"
@@ -295,6 +296,9 @@ func readVarUint(data []byte, info *fieldInfo) (uint64, error) {
295296
if info == nil || !info.countSet {
296297
return 0, structuralError{info.fieldName(), "no field size information available"}
297298
}
299+
if info.count > math.MaxInt {
300+
return 0, syntaxError{info.fieldName(), "count > math.MaxInt"}
301+
}
298302
if len(data) < int(info.count) {
299303
return 0, syntaxError{info.fieldName(), "truncated variable-length integer"}
300304
}
@@ -365,6 +369,9 @@ func parseField(v reflect.Value, data []byte, initOffset int, info *fieldInfo) (
365369
return offset, err
366370
}
367371
v.SetUint(val)
372+
if info.count > math.MaxInt {
373+
return offset, syntaxError{info.fieldName(), "count > math.MaxInt"}
374+
}
368375
offset += int(info.count)
369376
return offset, nil
370377
case reflect.Struct:
@@ -468,7 +475,13 @@ func parseField(v reflect.Value, data []byte, initOffset int, info *fieldInfo) (
468475
if err != nil {
469476
return offset, err
470477
}
478+
if varlen > math.MaxInt {
479+
return offset, syntaxError{info.fieldName(), "varlen > math.MaxInt"}
480+
}
471481
datalen := int(varlen)
482+
if info.count > math.MaxInt {
483+
return offset, syntaxError{info.fieldName(), "count > math.MaxInt"}
484+
}
472485
offset += int(info.count)
473486
rest = rest[info.count:]
474487

0 commit comments

Comments
 (0)