Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: guard against int overflows in database chunk handling #422

Merged
merged 1 commit into from
Feb 20, 2025
Merged

fix: guard against int overflows in database chunk handling #422

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 33 additions & 7 deletions database/immutable/chunk.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2024 Blink Labs Software
// Copyright 2025 Blink Labs Software
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand All @@ -16,6 +16,7 @@ package immutable

import (
"fmt"
"math"
"os"

"github.com/blinklabs-io/gouroboros/cbor"
Expand Down Expand Up @@ -74,12 +75,19 @@ func (c *chunk) Next() (*Block, error) {
return nil, nil
}
if c.nextEntry == nil {
if c.currentEntry.BlockOffset > math.MaxInt64 {
return nil, fmt.Errorf("current block offset integer overflow")
}
// This triggers even though we check it above
// #nosec G115
currOffset := int64(c.currentEntry.BlockOffset)

// We've reached the last entry in the chunk, so we calculate
// block size based on the size of the file
blockSize := c.fileSize - int64(c.currentEntry.BlockOffset)
blockSize := c.fileSize - currOffset
blockData := make([]byte, blockSize)
// Seek to offset
if _, err := c.file.Seek(int64(c.currentEntry.BlockOffset), 0); err != nil {
if _, err := c.file.Seek(currOffset, 0); err != nil {
return nil, err
}
n, err := c.file.Read(blockData)
Expand Down Expand Up @@ -109,18 +117,36 @@ func (c *chunk) Next() (*Block, error) {
return ret, nil
} else {
// Calculate block size based on the offsets for the current and next entries
blockSize := c.nextEntry.BlockOffset - c.currentEntry.BlockOffset
if c.currentEntry.BlockOffset > math.MaxInt64 {
return nil, fmt.Errorf("current block offset integer overflow")
}
// This triggers even though we check it above
// #nosec G115
currOffset := int64(c.currentEntry.BlockOffset)

if c.nextEntry.BlockOffset > math.MaxInt64 {
return nil, fmt.Errorf("next block offset integer overflow")
}
// This triggers even though we check it above
// #nosec G115
nextOffset := int64(c.nextEntry.BlockOffset)

blockSize := nextOffset - currOffset
blockData := make([]byte, blockSize)
// Seek to offset
if _, err := c.file.Seek(int64(c.currentEntry.BlockOffset), 0); err != nil {
if _, err := c.file.Seek(currOffset, 0); err != nil {
return nil, err
}
n, err := c.file.Read(blockData)
if err != nil {
return nil, err
}
if uint64(n) < blockSize {
return nil, fmt.Errorf("did not read expected amount of block data: expected %d, got %d", blockSize, n)
if int64(n) < blockSize {
return nil, fmt.Errorf(
"did not read expected amount of block data: expected %d, got %d",
blockSize,
n,
)
}
blkType, blkBytes, err := c.unwrapBlock(blockData)
if err != nil {
Expand Down
Loading