Commit `30f15e3afe`

Igor Anić <igor.anic@gmail.com>

2024-02-22 21:24:30

fix crash in tar found by fuzzing

Running fuzzing tar test with [zig std lib fuzzing](https://github.com/squeek502/zig-std-lib-fuzzing) reached and assert in tar implementation. Assert (in std lib) should not be reachable by external input, so I'm fixing this to return error.

master

1 parent 8802ec5

Changed files (3)

lib

std

tar

testdata

fuzz1.tar

test.zig

tar.zig

Binary file

@@ -313,6 +313,10 @@ test "tar run Go test cases" {
                 },
             },
         },
+        .{
+            .data = @embedFile("testdata/fuzz1.tar"),
+            .err = error.TarCorruptInput,
+        },
     };
 
     for (cases) |case| {

@@ -300,7 +300,7 @@ fn Iterator(comptime ReaderType: type) type {
         }
 
         inline fn readString(self: *Self, size: usize, buffer: []u8) ![]const u8 {
-            assert(buffer.len >= size);
+            if (size > buffer.len) return error.TarCorruptInput;
             const buf = buffer[0..size];
             try self.reader.readNoEof(buf);
             return nullStr(buf);

Commit 30f15e3afe

Commit `30f15e3afe`