compress/flate: panic on index out of range #3815
Labels
Comments
Simplified version of the code that runs on the play server: http://play.golang.org/p/Ba-CW0jeiv The number of iterations required to trigger the panic is determined indirectly by the prng seed. |
|
Owner changed to @nigeltao. Status changed to Accepted. |
@max. Thanks for your example, it looks like on line 31 you are ignoring the error. This version prints the error and exits the program. http://play.golang.org/p/amoY47bocw 2009/11/10 23:00:00 zlib: invalid header |
|
This issue was closed by revision da4eef4. Status changed to Fixed. |
nigeltao
added a commit
that referenced
this issue
May 11, 2015
…unds. ««« backport ecd688de20fb compress/flate: fix panic when nlit is out of bounds. Fixes #3815. R=r CC=golang-dev https://golang.org/cl/6352109 »»»
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
by emilliken:
Saw this panic in some legit code, but the following will trigger it: package main import ( "bytes" "compress/zlib" "fmt" "io" "os" ) func main() { f, err := os.Open("/dev/urandom") if err != nil { fmt.Println(err) os.Exit(1) } buf := make([]byte, 1024) buf3 := make([]byte, 4096) for { _, err := io.ReadFull(f, buf) if err != nil { fmt.Println(err) os.Exit(1) } buf2 := bytes.NewBuffer(buf) for i := 0; i < buf2.Len(); i++ { sl := bytes.NewBuffer(buf2.Bytes()[i:]) zz, err := zlib.NewReader(sl) if err != nil { continue } zz.Read(buf3) } } } What is the expected output? nothing What do you see instead? panic: runtime error: index out of range goroutine 1 [running]: compress/flate.(*decompressor).readHuffman(0xf84005b000, 0x0, 0x0, 0x7f139bb20d90) /home/e/go/src/pkg/compress/flate/inflate.go:343 +0x3cf compress/flate.(*decompressor).nextBlock(0xf84005b000, 0x48d2f0) /home/e/go/src/pkg/compress/flate/inflate.go:262 +0x1ab compress/flate.(*decompressor).Read(0xf84005b000, 0xf84005a000, 0x100000001000, 0xf8400d24b0, 0xf84002c930, ...) /home/e/go/src/pkg/compress/flate/inflate.go:284 +0x136 compress/zlib.(*reader).Read(0xf8400d24b0, 0xf84005a000, 0x100000001000, 0xf8400d24b0, 0x0, ...) /home/e/go/src/pkg/compress/zlib/reader.go:103 +0x101 Which compiler are you using (5g, 6g, 8g, gccgo)? 8g Which operating system are you using? freebsd 8.1 Which version are you using? (run 'go version') go 1.0.2 Please provide any additional information below.The text was updated successfully, but these errors were encountered: