From a822198ebf2f11695a51e312cb02bec91125306a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 Feb 2023 14:02:49 +0000 Subject: [PATCH] [chore]: Bump golang.org/x/image from 0.4.0 to 0.5.0 (#1516) Bumps [golang.org/x/image](https://github.com/golang/image) from 0.4.0 to 0.5.0. - [Release notes](https://github.com/golang/image/releases) - [Commits](https://github.com/golang/image/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/image dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +- vendor/golang.org/x/image/tiff/reader.go | 57 +++++++++++++++++++++--- vendor/modules.txt | 2 +- 4 files changed, 55 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index 182376742..c7a3b0d7d 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( go.uber.org/automaxprocs v1.5.1 golang.org/x/crypto v0.5.0 golang.org/x/exp v0.0.0-20220613132600-b0d781184e0d - golang.org/x/image v0.4.0 + golang.org/x/image v0.5.0 golang.org/x/net v0.5.0 golang.org/x/oauth2 v0.4.0 golang.org/x/text v0.7.0 diff --git a/go.sum b/go.sum index dac7432bb..c293ca35a 100644 --- a/go.sum +++ b/go.sum @@ -668,8 +668,8 @@ golang.org/x/exp v0.0.0-20220613132600-b0d781184e0d/go.mod h1:Kr81I6Kryrl9sr8s2F golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.4.0 h1:x1RWAiZIvERqkltrFjtQP1ycmiR5pmhjtCfVOtdURuQ= -golang.org/x/image v0.4.0/go.mod h1:FVC7BI/5Ym8R25iw5OLsgshdUBbT1h5jZTpA+mvAdZ4= +golang.org/x/image v0.5.0 h1:5JMiNunQeQw++mMOz48/ISeNu3Iweh/JaZU8ZLqHRrI= +golang.org/x/image v0.5.0/go.mod h1:FVC7BI/5Ym8R25iw5OLsgshdUBbT1h5jZTpA+mvAdZ4= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= diff --git a/vendor/golang.org/x/image/tiff/reader.go b/vendor/golang.org/x/image/tiff/reader.go index de73f4b99..45cc056f4 100644 --- a/vendor/golang.org/x/image/tiff/reader.go +++ b/vendor/golang.org/x/image/tiff/reader.go @@ -38,6 +38,52 @@ func (e UnsupportedError) Error() string { var errNoPixels = FormatError("not enough pixel data") +const maxChunkSize = 10 << 20 // 10M + +// safeReadtAt is a verbatim copy of internal/saferio.ReadDataAt from the +// standard library, which is used to read data from a reader using a length +// provided by untrusted data, without allocating the entire slice ahead of time +// if it is large (>maxChunkSize). This allows us to avoid allocating giant +// slices before learning that we can't actually read that much data from the +// reader. +func safeReadAt(r io.ReaderAt, n uint64, off int64) ([]byte, error) { + if int64(n) < 0 || n != uint64(int(n)) { + // n is too large to fit in int, so we can't allocate + // a buffer large enough. Treat this as a read failure. + return nil, io.ErrUnexpectedEOF + } + + if n < maxChunkSize { + buf := make([]byte, n) + _, err := r.ReadAt(buf, off) + if err != nil { + // io.SectionReader can return EOF for n == 0, + // but for our purposes that is a success. + if err != io.EOF || n > 0 { + return nil, err + } + } + return buf, nil + } + + var buf []byte + buf1 := make([]byte, maxChunkSize) + for n > 0 { + next := n + if next > maxChunkSize { + next = maxChunkSize + } + _, err := r.ReadAt(buf1[:next], off) + if err != nil { + return nil, err + } + buf = append(buf, buf1[:next]...) + n -= next + off += int64(next) + } + return buf, nil +} + type decoder struct { r io.ReaderAt byteOrder binary.ByteOrder @@ -82,8 +128,7 @@ func (d *decoder) ifdUint(p []byte) (u []uint, err error) { } if datalen := lengths[datatype] * count; datalen > 4 { // The IFD contains a pointer to the real value. - raw = make([]byte, datalen) - _, err = d.r.ReadAt(raw, int64(d.byteOrder.Uint32(p[8:12]))) + raw, err = safeReadAt(d.r, uint64(datalen), int64(d.byteOrder.Uint32(p[8:12]))) } else { raw = p[8 : 8+datalen] } @@ -427,8 +472,9 @@ func newDecoder(r io.Reader) (*decoder, error) { numItems := int(d.byteOrder.Uint16(p[0:2])) // All IFD entries are read in one chunk. - p = make([]byte, ifdLen*numItems) - if _, err := d.r.ReadAt(p, ifdOffset+2); err != nil { + var err error + p, err = safeReadAt(d.r, uint64(ifdLen*numItems), ifdOffset+2) + if err != nil { return nil, err } @@ -656,8 +702,7 @@ func Decode(r io.Reader) (img image.Image, err error) { if b, ok := d.r.(*buffer); ok { d.buf, err = b.Slice(int(offset), int(n)) } else { - d.buf = make([]byte, n) - _, err = d.r.ReadAt(d.buf, offset) + d.buf, err = safeReadAt(d.r, uint64(n), offset) } case cG3: inv := d.firstVal(tPhotometricInterpretation) == pWhiteIsZero diff --git a/vendor/modules.txt b/vendor/modules.txt index fbb4cab40..c3449cfad 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -713,7 +713,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf ## explicit; go 1.18 golang.org/x/exp/constraints golang.org/x/exp/slices -# golang.org/x/image v0.4.0 +# golang.org/x/image v0.5.0 ## explicit; go 1.12 golang.org/x/image/bmp golang.org/x/image/ccitt