Skip to content

fix: prevent panic on malformed ISO9660 path table #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
wizzomafizzo merged 1 commit into from
Dec 10, 2025
Merged

fix: prevent panic on malformed ISO9660 path table #5

wizzomafizzo merged 1 commit into from
Dec 10, 2025

Conversation

@wizzomafizzo
Copy link
Member

@wizzomafizzo wizzomafizzo commented Dec 10, 2025

Summary

  • Add bounds checking in parsePathTable to prevent slice bounds out of range panic when parsing malformed ISO9660 images

Background

The fuzzer found that malformed ISO9660 images with truncated path table entries could cause a panic. The path table entry's dirNameLen field could specify a length exceeding the remaining buffer, causing a slice bounds panic.

Changes

  • Validate that i+8+dirNameLen doesn't exceed buffer length before slicing
  • Return a descriptive error instead of panicking
  • Removed redundant bounds check that was after the loop condition

Test plan

  • All existing unit tests pass
  • Fuzz test seeds pass
  • Lint passes with 0 issues

@codecov
Copy link

codecov bot commented Dec 10, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@wizzomafizzo
fix: prevent panic on malformed ISO9660 path table
c5214f3 
Add bounds checking in parsePathTable to prevent slice bounds out of
range panic when parsing malformed ISO9660 images with truncated path
table entries.

Found by fuzzing: the path table entry's dirNameLen field could specify
a length exceeding the remaining buffer, causing a panic when slicing.
@wizzomafizzo wizzomafizzo force-pushed the fix/iso9660-path-table-bounds branch from 110d8b6 to c5214f3 Compare December 10, 2025 09:59
@wizzomafizzo wizzomafizzo merged commit 2916d33 into main Dec 10, 2025
9 checks passed
@wizzomafizzo wizzomafizzo deleted the fix/iso9660-path-table-bounds branch December 10, 2025 10:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wizzomafizzo