1 file changed +16 -2 lines changed
@@ -912,12 +912,26 @@ pub fn read_compact_size<R: Read + ?Sized>(r: &mut R) -> io::Result<u32> {
912912 0xFD => {
913913 let mut buf = [ 0u8 ; 2 ] ;
914914 r. read_exact ( & mut buf) ?;
915- Ok ( u16:: from_le_bytes ( buf) as u32 )
915+ let value = u16:: from_le_bytes ( buf) as u32 ;
916+ if value < 0xFD {
917+ return Err ( io:: Error :: new (
918+ io:: ErrorKind :: InvalidData ,
919+ "Non-minimal compact size encoding" ,
920+ ) ) ;
921+ }
922+ Ok ( value)
916923 }
917924 0xFE => {
918925 let mut buf = [ 0u8 ; 4 ] ;
919926 r. read_exact ( & mut buf) ?;
920- Ok ( u32:: from_le_bytes ( buf) )
927+ let value = u32:: from_le_bytes ( buf) ;
928+ if value <= 0xFFFF {
929+ return Err ( io:: Error :: new (
930+ io:: ErrorKind :: InvalidData ,
931+ "Non-minimal compact size encoding" ,
932+ ) ) ;
933+ }
934+ Ok ( value)
921935 }
922936 0xFF => {
923937 // Value is too large to fit in u32
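Review bot: The two minimal-encoding checks in the `0xFD` and `0xFE` arms carry no comment saying why a longer-than-necessary encoding is rejected, and they construct the same `io::Error` twice. I would add `// Reject non-canonical encodings so every value has exactly one byte representation.` above the first check and move the message into a shared constant or small helper so the two arms cannot drift apart. The bounds look right, but writing the second as `value < 0x1_0000` would read consistently with `value < 0xFD` in the first arm. Separately, the `0xFE` arm still returns anything up to `u32::MAX`; if callers size an allocation or loop from this result (not visible in this hunk), an upper bound is worth checking there. The function begins at the hunk header and its `0xFF` arm continues past the end of the hunk.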