MCPcopy
hub / github.com/klauspost/compress / TestCVE202133196

Function TestCVE202133196

zip/reader_test.go:1419–1476  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

1417}
1418
1419func TestCVE202133196(t *testing.T) {
1420 // Archive that indicates it has 1 << 128 -1 files,
1421 // this would previously cause a panic due to attempting
1422 // to allocate a slice with 1 << 128 -1 elements.
1423 data := []byte{
1424 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x08, 0x08,
1425 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1426 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1427 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x01, 0x02,
1428 0x03, 0x62, 0x61, 0x65, 0x03, 0x04, 0x00, 0x00,
1429 0xff, 0xff, 0x50, 0x4b, 0x07, 0x08, 0xbe, 0x20,
1430 0x5c, 0x6c, 0x09, 0x00, 0x00, 0x00, 0x03, 0x00,
1431 0x00, 0x00, 0x50, 0x4b, 0x01, 0x02, 0x14, 0x00,
1432 0x14, 0x00, 0x08, 0x08, 0x08, 0x00, 0x00, 0x00,
1433 0x00, 0x00, 0xbe, 0x20, 0x5c, 0x6c, 0x09, 0x00,
1434 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x03, 0x00,
1435 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1436 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1437 0x01, 0x02, 0x03, 0x50, 0x4b, 0x06, 0x06, 0x2c,
1438 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2d,
1439 0x00, 0x2d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1440 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
1441 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff,
1442 0xff, 0xff, 0xff, 0x31, 0x00, 0x00, 0x00, 0x00,
1443 0x00, 0x00, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x00,
1444 0x00, 0x00, 0x00, 0x50, 0x4b, 0x06, 0x07, 0x00,
1445 0x00, 0x00, 0x00, 0x6b, 0x00, 0x00, 0x00, 0x00,
1446 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x50,
1447 0x4b, 0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0xff,
1448 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1449 0xff, 0xff, 0xff, 0x00, 0x00,
1450 }
1451 _, err := NewReader(bytes.NewReader(data), int64(len(data)))
1452 if err != ErrFormat {
1453 t.Fatalf("unexpected error, got: %v, want: %v", err, ErrFormat)
1454 }
1455
1456 // Also check that an archive containing a handful of empty
1457 // files doesn't cause an issue
1458 b := bytes.NewBuffer(nil)
1459 w := NewWriter(b)
1460 for range 5 {
1461 _, err := w.Create("")
1462 if err != nil {
1463 t.Fatalf("Writer.Create failed: %s", err)
1464 }
1465 }
1466 if err := w.Close(); err != nil {
1467 t.Fatalf("Writer.Close failed: %s", err)
1468 }
1469 r, err := NewReader(bytes.NewReader(b.Bytes()), int64(b.Len()))
1470 if err != nil {
1471 t.Fatalf("NewReader failed: %s", err)
1472 }
1473 if len(r.File) != 5 {
1474 t.Errorf("Archive has unexpected number of files, got %d, want 5", len(r.File))
1475 }
1476}

Callers

nothing calls this directly

Calls 6

CreateMethod · 0.95
CloseMethod · 0.95
LenMethod · 0.80
NewReaderFunction · 0.70
NewWriterFunction · 0.70
BytesMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…