1
0
Fork 0
mirror of https://github.com/restic/restic.git synced 2024-12-23 08:16:36 +00:00

pack: Handle more invalid header cases

This commit is contained in:
Alexander Neumann 2017-06-08 21:04:07 +02:00
parent eb767ab15f
commit 48fecd791d

View file

@ -8,6 +8,7 @@ import (
"restic" "restic"
"sync" "sync"
"restic/debug"
"restic/errors" "restic/errors"
"restic/crypto" "restic/crypto"
@ -195,17 +196,14 @@ var minFileSize = entrySize + crypto.Extension
// readHeader reads the header at the end of rd. size is the length of the // readHeader reads the header at the end of rd. size is the length of the
// whole data accessible in rd. // whole data accessible in rd.
func readHeader(rd io.ReaderAt, size int64) ([]byte, error) { func readHeader(rd io.ReaderAt, size int64) ([]byte, error) {
debug.Log("size: %v", size)
if size == 0 { if size == 0 {
err := InvalidFileError{ err := InvalidFileError{Message: "file is empty"}
Message: "file is empty",
}
return nil, errors.Wrap(err, "readHeader") return nil, errors.Wrap(err, "readHeader")
} }
if size < int64(minFileSize) { if size < int64(minFileSize) {
err := InvalidFileError{ err := InvalidFileError{Message: "file is too small"}
Message: "file is too small",
}
return nil, errors.Wrap(err, "readHeader") return nil, errors.Wrap(err, "readHeader")
} }
@ -214,6 +212,23 @@ func readHeader(rd io.ReaderAt, size int64) ([]byte, error) {
return nil, err return nil, err
} }
debug.Log("header length: %v", size)
if hl == 0 {
err := InvalidFileError{Message: "header length is zero"}
return nil, errors.Wrap(err, "readHeader")
}
if hl < crypto.Extension {
err := InvalidFileError{Message: "header length is too small"}
return nil, errors.Wrap(err, "readHeader")
}
if (hl-crypto.Extension)%uint32(entrySize) != 0 {
err := InvalidFileError{Message: "header length is invalid"}
return nil, errors.Wrap(err, "readHeader")
}
if int64(hl) > size-int64(binary.Size(hl)) { if int64(hl) > size-int64(binary.Size(hl)) {
return nil, errors.New("header is larger than file") return nil, errors.New("header is larger than file")
} }