fix: int overflow check in chunk reader

Make the code scanners happy with a bounds check before we do the integer conversion from int64 to int, since this can overflow on 32 bit platforms. Best error to return here is a signature error since this is a client problem and the chunk headers are considered part of the request signature.
2026-04-28 16:26:55 +00:00 · 2024-05-01 09:30:08 -07:00
parent acf69ab03d
commit 2c165a632c
1 changed files with 4 additions and 0 deletions
--- a/s3api/utils/chunk-reader.go
+++ b/s3api/utils/chunk-reader.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"hash"
 	"io"
+	"math"
 	"strconv"
 	"time"

@@ -192,6 +193,9 @@ func (cr *ChunkReader) parseAndRemoveChunkInfo(p []byte) (int, error) {
 		cr.chunkDataLeft = 0
 		cr.chunkHash.Write(p[:chunkSize])
 		n, err := cr.parseAndRemoveChunkInfo(p[chunkSize:n])
+		if (chunkSize + int64(n)) > math.MaxInt {
+			return 0, s3err.GetAPIError(s3err.ErrSignatureDoesNotMatch)
+		}
 		return n + int(chunkSize), err
 	}