derp: prevent readFrame() from reading more than len(b) bytes.

Signed-off-by: Dmitry Adamushko <da@stablebits.net>
reviewable/pr284/r1
Dmitry Adamushko 5 years ago committed by Brad Fitzpatrick
parent f2c2d0de68
commit 806645ea0e

@ -138,7 +138,8 @@ func readFrame(br *bufio.Reader, maxSize uint32, b []byte) (t frameType, frameLe
if frameLen > maxSize { if frameLen > maxSize {
return 0, 0, fmt.Errorf("frame header size %d exceeds reader limit of %d", frameLen, maxSize) return 0, 0, fmt.Errorf("frame header size %d exceeds reader limit of %d", frameLen, maxSize)
} }
n, err := io.ReadFull(br, b[:frameLen])
n, err := io.ReadFull(br, b[:minUint32(frameLen, uint32(len(b)))])
if err != nil { if err != nil {
return 0, 0, err return 0, 0, err
} }
@ -179,3 +180,10 @@ func minInt(a, b int) int {
} }
return b return b
} }
func minUint32(a, b uint32) uint32 {
if a < b {
return a
}
return b
}

Loading…
Cancel
Save