commit de03366fbe1f23cbb21d41aec8f4913f189ecb8b Author: David Fifield david@bamsoftware.com Date: Fri Feb 22 18:58:50 2019 -0700
Fix the overlong message checks.
It'll never exceed math.MaxUint32 if you convert it to uint32 first... I didn't notice what nonsense this was until I saw the commit email.
len returns int, which is specified to be either 32 or 64 bits, so it will never be truncated when coverting to uint64. https://golang.org/ref/spec#Numeric_types --- webextension/native/main.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/webextension/native/main.go b/webextension/native/main.go index 10a2b90..3f4ec3a 100644 --- a/webextension/native/main.go +++ b/webextension/native/main.go @@ -139,7 +139,7 @@ func writeResponseSpec(w io.Writer, spec *responseSpec) error { }
length := len(encodedSpec) - if uint32(length) > math.MaxUint32 { + if uint64(length) > math.MaxUint32 { return fmt.Errorf("response spec is too long to represent: %d", length) } err = binary.Write(w, binary.BigEndian, uint32(length)) @@ -178,7 +178,7 @@ func recvWebExtensionMessage(r io.Reader) ([]byte, error) { // https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Nativ... func sendWebExtensionMessage(w io.Writer, message []byte) error { length := len(message) - if uint32(length) > math.MaxUint32 { + if uint64(length) > math.MaxUint32 { return fmt.Errorf("WebExtension message is too long to represent: %d", length) } err := binary.Write(w, NativeEndian, uint32(length))