-
Joe Tsai authored
Motivation: * The logic to verify the numEntries can overflow and incorrectly pass, allowing a malicious file to allocate arbitrary memory. * The use of strconv.ParseInt does not set the integer precision to 64bit, causing this code to work incorrectly on 32bit machines. Change-Id: I1b1571a750a84f2dde97cc329ed04fe2342aaa60 Reviewed-on: https://go-review.googlesource.com/15173Reviewed-by:
Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
e4add8d5
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| testdata | ||
| common.go | ||
| example_test.go | ||
| reader.go | ||
| reader_test.go | ||
| stat_atim.go | ||
| stat_atimespec.go | ||
| stat_unix.go | ||
| tar_test.go | ||
| writer.go | ||
| writer_test.go |