fix: invalid conversion when using Content-Range in client
Fixes: https://github.com/distribution/distribution/security/code-scanning/34 Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
This commit is contained in:
parent
06505be5d5
commit
f33e5a69da
1 changed files with 4 additions and 0 deletions
|
@ -7,6 +7,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"math"
|
||||||
"net/http"
|
"net/http"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
@ -240,6 +241,9 @@ func (hrs *HTTPReadSeeker) reader() (io.Reader, error) {
|
||||||
return nil, fmt.Errorf("range in Content-Range stops before the end of the content: %s", contentRange)
|
return nil, fmt.Errorf("range in Content-Range stops before the end of the content: %s", contentRange)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if size > math.MaxInt64 {
|
||||||
|
return nil, fmt.Errorf("Content-Range size: %d exceeds max allowed size", size)
|
||||||
|
}
|
||||||
hrs.size = int64(size)
|
hrs.size = int64(size)
|
||||||
}
|
}
|
||||||
} else if resp.StatusCode == http.StatusOK {
|
} else if resp.StatusCode == http.StatusOK {
|
||||||
|
|
Loading…
Reference in a new issue