7 years ago · 040cc1a32f
--- a/corpus/020dfb19a68cbcf99dc93dc1030068d4c9968ad0-2
+++ b/corpus/020dfb19a68cbcf99dc93dc1030068d4c9968ad0-2
--- a/corpus/05979b224be0294bf350310d4ba5257c9bb815db-3
+++ b/corpus/05979b224be0294bf350310d4ba5257c9bb815db-3
@@ -0,0 +1 @@
 
				+ï¿½ï¿ï¿½ï¿½Y
			
--- a/corpus/0e64ca2823923c5efa03ff2bd6e0aa1018eeca3b-9
+++ b/corpus/0e64ca2823923c5efa03ff2bd6e0aa1018eeca3b-9
--- a/corpus/1
+++ b/corpus/1
--- a/corpus/361a1c6d2a8f80780826c3d83ad391d0475c922f-4
+++ b/corpus/361a1c6d2a8f80780826c3d83ad391d0475c922f-4
--- a/corpus/4117af68228fa64339d362cf980c68ffadff96c8-12
+++ b/corpus/4117af68228fa64339d362cf980c68ffadff96c8-12
--- a/corpus/4142249be82c8a617cf838eef05394ece39becd3-9
+++ b/corpus/4142249be82c8a617cf838eef05394ece39becd3-9
--- a/corpus/41ea8c7d904f1cd913b52e9ead4a96c639d76802-10
+++ b/corpus/41ea8c7d904f1cd913b52e9ead4a96c639d76802-10
--- a/corpus/44083e1447694980c0ee682576e32358c9ee883f-2
+++ b/corpus/44083e1447694980c0ee682576e32358c9ee883f-2
--- a/corpus/4d6b359bd538feaa7d36c89235d07d0a443797ac-1
+++ b/corpus/4d6b359bd538feaa7d36c89235d07d0a443797ac-1
--- a/corpus/521e7e67b6063a75e0eeb24b0d1dd20731d34ad8-4
+++ b/corpus/521e7e67b6063a75e0eeb24b0d1dd20731d34ad8-4
@@ -0,0 +1 @@
 
				+ï¿½ï¿ï¿½¿ï¿½ïï¿½Y
			
--- a/corpus/526e6f85d1b8777f0d9f70634c9f8b77fbdccdff-7
+++ b/corpus/526e6f85d1b8777f0d9f70634c9f8b77fbdccdff-7
--- a/corpus/581b8fe7088f921567811fdf30e1f527c9f48e5e
+++ b/corpus/581b8fe7088f921567811fdf30e1f527c9f48e5e
@@ -0,0 +1 @@
 
				+package 
			
--- a/corpus/60cd10738158020f5843b43960158c3d116b3a71-11
+++ b/corpus/60cd10738158020f5843b43960158c3d116b3a71-11
--- a/corpus/652b031b4b9d601235f86ef62523e63d733b8623-3
+++ b/corpus/652b031b4b9d601235f86ef62523e63d733b8623-3
--- a/corpus/684a011f6fdfc7ae9863e12381165e82d2a2e356-9
+++ b/corpus/684a011f6fdfc7ae9863e12381165e82d2a2e356-9
--- a/corpus/72e42fc8e5eaed6a8a077f420fc3bd1f9a7c0919-1
+++ b/corpus/72e42fc8e5eaed6a8a077f420fc3bd1f9a7c0919-1
--- a/corpus/80881d1b911b95e0203b3b0e7dc6360c35f7620f-7
+++ b/corpus/80881d1b911b95e0203b3b0e7dc6360c35f7620f-7
@@ -0,0 +1 @@
 
				+箭쏙여쏙울�슴占쏙옙占全�슴占㈌占㈌占�슴占쏙옙占全�슴占쏘울苑楮珽옙
			
--- a/corpus/8484b3082d522e0a1f315db1fa1b2a5118be7cc3-8
+++ b/corpus/8484b3082d522e0a1f315db1fa1b2a5118be7cc3-8
--- a/corpus/9635bb09260f100bc4a2ee4e3b980fecc5b874ce-1
+++ b/corpus/9635bb09260f100bc4a2ee4e3b980fecc5b874ce-1
--- a/corpus/99d36b0b5b1be7151a508dd440ec725a2576c41c-1
+++ b/corpus/99d36b0b5b1be7151a508dd440ec725a2576c41c-1
--- a/corpus/9d339eddb4e2714ea319c3fb571311cb95fdb067-6
+++ b/corpus/9d339eddb4e2714ea319c3fb571311cb95fdb067-6
--- a/corpus/b2419fcb7a9aef359de67cb6bd2b8a8c1f5c100f-4
+++ b/corpus/b2419fcb7a9aef359de67cb6bd2b8a8c1f5c100f-4
@@ -0,0 +1 @@
 
				+½ï¿ï¿½ï¿½Y
			
--- a/corpus/c1951b29109ec1017f63535ce3699630f46f54e1-5
+++ b/corpus/c1951b29109ec1017f63535ce3699630f46f54e1-5
--- a/corpus/cb806bc4f67316af02d6ae677332a3b6005a18da-5
+++ b/corpus/cb806bc4f67316af02d6ae677332a3b6005a18da-5
@@ -0,0 +1 @@
 
				+ο©½οΏο�½ΏοΏ½ξΏοζΏ½
			
--- a/corpus/cd7dd228703739e9252c7ea76f1c5f82ab44686a-10
+++ b/corpus/cd7dd228703739e9252c7ea76f1c5f82ab44686a-10
--- a/corpus/ce3671e91907349cea04fc3f2a4b91c65b99461d-3
+++ b/corpus/ce3671e91907349cea04fc3f2a4b91c65b99461d-3
--- a/corpus/ce3c6f4c31f74d72fbf74c17d14a8d29aa62059e-6
+++ b/corpus/ce3c6f4c31f74d72fbf74c17d14a8d29aa62059e-6
@@ -0,0 +1 @@
 
				+箭쏙여쏙울�슴占쏙옙占全�슴占쏘울轅�
			
--- a/corpus/da39a3ee5e6b4b0d3255bfef95601890afd80709-1
+++ b/corpus/da39a3ee5e6b4b0d3255bfef95601890afd80709-1
--- a/corpus/e2230aa0ecaebb9b890440effa13f501a89247b2-1
+++ b/corpus/e2230aa0ecaebb9b890440effa13f501a89247b2-1
--- a/corpus/efa11d676fb2a77afb8eac3d7ed30e330a7c2efe-11
+++ b/corpus/efa11d676fb2a77afb8eac3d7ed30e330a7c2efe-11
--- a/corpus/f0445ac39e03978bbc8011316ac8468015ddb72c-1
+++ b/corpus/f0445ac39e03978bbc8011316ac8468015ddb72c-1
--- a/corpus/f241da53c6bc1fe3368c55bf28db86ce15a2c784-2
+++ b/corpus/f241da53c6bc1fe3368c55bf28db86ce15a2c784-2
--- a/fuzz.go
+++ b/fuzz.go
@@ -0,0 +1,16 @@
 
				+// +build gofuzz
			
 
				+
			
 
				+package snappy
			
 
				+
			
 
				+func Fuzz(data []byte) int {
			
 
				+	decode, err := Decode(data)
			
 
				+	if decode == nil && err == nil {
			
 
				+		panic("nil error with nil result")
			
 
				+	}
			
 
				+
			
 
				+	if err != nil {
			
 
				+		return 0
			
 
				+	}
			
 
				+
			
 
				+	return 1
			
 
				+}
			
--- a/snappy.go
+++ b/snappy.go
@@ -3,11 +3,22 @@ package snappy
 
				 import (
			
 
				 	"bytes"
			
 
				 	"encoding/binary"
			
 
				+	"errors"
			
 
				 
			
 
				 	master "github.com/golang/snappy"
			
 
				 )
			
 
				 
			
 
				-var xerialHeader = []byte{130, 83, 78, 65, 80, 80, 89, 0}
			
 
				+const (
			
 
				+	sizeOffset = 16
			
 
				+	sizeBytes  = 4
			
 
				+)
			
 
				+
			
 
				+var (
			
 
				+	xerialHeader = []byte{130, 83, 78, 65, 80, 80, 89, 0}
			
 
				+	// ErrMalformed is returned by the decoder when the xerial framing
			
 
				+	// is malformed
			
 
				+	ErrMalformed = errors.New("malformed xerial framing")
			
 
				+)
			
 
				 
			
 
				 // Encode encodes data as snappy with no framing header.
			
 
				 func Encode(src []byte) []byte {
			
@@ -17,26 +28,43 @@ func Encode(src []byte) []byte {
 
				 // Decode decodes snappy data whether it is traditional unframed
			
 
				 // or includes the xerial framing format.
			
 
				 func Decode(src []byte) ([]byte, error) {
			
 
				+	var max = len(src)
			
 
				+	if max < len(xerialHeader) {
			
 
				+		return nil, ErrMalformed
			
 
				+	}
			
 
				+
			
 
				 	if !bytes.Equal(src[:8], xerialHeader) {
			
 
				 		return master.Decode(nil, src)
			
 
				 	}
			
 
				 
			
 
				+	if max < sizeOffset+sizeBytes {
			
 
				+		return nil, ErrMalformed
			
 
				+	}
			
 
				+
			
 
				 	var (
			
 
				-		pos   = uint32(16)
			
 
				-		max   = uint32(len(src))
			
 
				+		pos   = sizeOffset
			
 
				 		dst   = make([]byte, 0, len(src))
			
 
				 		chunk []byte
			
 
				 		err   error
			
 
				 	)
			
 
				-	for pos < max {
			
 
				-		size := binary.BigEndian.Uint32(src[pos : pos+4])
			
 
				-		pos += 4
			
 
				 
			
 
				-		chunk, err = master.Decode(chunk, src[pos:pos+size])
			
 
				+	for pos+sizeBytes <= max {
			
 
				+		size := int(binary.BigEndian.Uint32(src[pos : pos+sizeBytes]))
			
 
				+		pos += sizeBytes
			
 
				+
			
 
				+		nextPos := pos + size
			
 
				+		// On architectures where int is 32-bytes wide size + pos could
			
 
				+		// overflow so we need to check the low bound as well as the
			
 
				+		// high
			
 
				+		if nextPos < pos || nextPos > max {
			
 
				+			return nil, ErrMalformed
			
 
				+		}
			
 
				+
			
 
				+		chunk, err = master.Decode(chunk, src[pos:nextPos])
			
 
				 		if err != nil {
			
 
				 			return nil, err
			
 
				 		}
			
 
				-		pos += size
			
 
				+		pos = nextPos
			
 
				 		dst = append(dst, chunk...)
			
 
				 	}
			
 
				 	return dst, nil
			
--- a/snappy_test.go
+++ b/snappy_test.go
@@ -47,3 +47,49 @@ func TestSnappyDecodeStreams(t *testing.T) {
 
				 		}
			
 
				 	}
			
 
				 }
			
 
				+
			
 
				+func TestSnappyDecodeMalformedTruncatedHeader(t *testing.T) {
			
 
				+	// Truncated headers should not cause a panic.
			
 
				+	for i := 0; i < len(xerialHeader); i++ {
			
 
				+		buf := make([]byte, i)
			
 
				+		copy(buf, xerialHeader[:i])
			
 
				+		if _, err := Decode(buf); err != ErrMalformed {
			
 
				+			t.Errorf("expected ErrMalformed got %v", err)
			
 
				+		}
			
 
				+	}
			
 
				+}
			
 
				+
			
 
				+func TestSnappyDecodeMalformedTruncatedSize(t *testing.T) {
			
 
				+	// Inputs with valid Xerial header but truncated "size" field
			
 
				+	sizes := []int{sizeOffset + 1, sizeOffset + 2, sizeOffset + 3}
			
 
				+	for _, size := range sizes {
			
 
				+		buf := make([]byte, size)
			
 
				+		copy(buf, xerialHeader)
			
 
				+		if _, err := Decode(buf); err != ErrMalformed {
			
 
				+			t.Errorf("expected ErrMalformed got %v", err)
			
 
				+		}
			
 
				+	}
			
 
				+}
			
 
				+
			
 
				+func TestSnappyDecodeMalformedBNoData(t *testing.T) {
			
 
				+	// No data after the size field
			
 
				+	buf := make([]byte, 20)
			
 
				+	copy(buf, xerialHeader)
			
 
				+	// indicate that there's one byte of data to be read
			
 
				+	buf[len(buf)-1] = 1
			
 
				+	if _, err := Decode(buf); err != ErrMalformed {
			
 
				+		t.Errorf("expected ErrMalformed got %v", err)
			
 
				+	}
			
 
				+}
			
 
				+
			
 
				+func TestSnappyMasterDecodeFailed(t *testing.T) {
			
 
				+	buf := make([]byte, 21)
			
 
				+	copy(buf, xerialHeader)
			
 
				+	// indicate that there's one byte of data to be read
			
 
				+	buf[len(buf)-2] = 1
			
 
				+	// A payload which will not decode
			
 
				+	buf[len(buf)-1] = 1
			
 
				+	if _, err := Decode(buf); err == ErrMalformed || err == nil {
			
 
				+		t.Errorf("unexpected err: %v", err)
			
 
				+	}
			
 
				+}
		`@@ -0,0 +1 @@`
		`+箭쏙여쏙울�슴占쏙옙占全�슴占㈌占㈌占�슴占쏙옙占全�슴占쏘울苑楮珽옙`
		`@@ -0,0 +1 @@`
		`+箭쏙여쏙울�슴占쏙옙占全�슴占쏘울轅�`