Golang copyN When Decompression

What does this mean ?

The rule specifically detects usage of io.Copy during file decompression. This is a potential issue because io.Copy, per its documentation, "copies from src to dst until either EOF is reached on src or an error occurs": the amount of data written is dictated entirely by the input being decompressed.

What can happen ?

A malicious payload might cause your program to decompress an unexpectedly large amount of data and run out of memory, causing a denial of service, as mentioned in the warning message.

Recommendation

Using io.CopyN removes the warning because, quoting its documentation, it "copies n bytes (or until an error) from src to dst", thus giving you (the program writer) control of how many bytes to copy. So you can pass an n of your own choosing, sized to the resources available to your application, or copy in chunks.

Sample Code

Vulnerable :

// io.Copy drains fileReader completely: the size of targetFile is bounded only by the input.
if _, err := io.Copy(targetFile, fileReader); err != nil {
    return err
}

Non Vulnerable :

for {
    // Each call writes at most 1024 bytes; track the running total if the whole output must be bounded.
    _, err := io.CopyN(targetFile, fileReader, 1024)
    if err != nil {
        if err == io.EOF {
            break // source exhausted
        }
        return err
    }
}
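As an added example (not code from the original page), the helper below keeps the chunked io.CopyN loop but also keeps a running total, so the decompressed output can never exceed a caller-supplied limit; the names copyBounded, decompressGzip and ErrTooLarge are my own, and the gzip wrapper assumes the input is a gzip stream held in memory.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"errors"
	"io"
)

// ErrTooLarge is returned when the decompressed output would exceed the caller's limit.
var ErrTooLarge = errors.New("decompressed data exceeds size limit")

// copyBounded copies from src to dst with io.CopyN in chunks, never writing more than
// maxBytes in total. Chunking alone does not bound the output; the running total does.
func copyBounded(dst io.Writer, src io.Reader, maxBytes int64) (int64, error) {
	const chunk = 32 * 1024
	var total int64
	for total < maxBytes {
		n := int64(chunk)
		if left := maxBytes - total; left < n {
			n = left // last chunk is trimmed so total never passes maxBytes
		}
		written, err := io.CopyN(dst, src, n)
		total += written
		if err != nil {
			if errors.Is(err, io.EOF) {
				return total, nil // source exhausted within the limit
			}
			return total, err
		}
	}
	// Exactly maxBytes written: probe one more byte to learn whether src still has data.
	if extra, err := io.CopyN(io.Discard, src, 1); extra > 0 {
		return total, ErrTooLarge
	} else if err != nil && !errors.Is(err, io.EOF) {
		return total, err
	}
	return total, nil
}

// decompressGzip inflates a gzip stream into dst, refusing to write more than maxBytes.
func decompressGzip(dst io.Writer, compressed []byte, maxBytes int64) (int64, error) {
	zr, err := gzip.NewReader(bytes.NewReader(compressed))
	if err != nil {
		return 0, err
	}
	defer zr.Close()
	return copyBounded(dst, zr, maxBytes)
}
```

On ErrTooLarge the caller should discard the partial output (for example, delete the target file) rather than treat it as a complete extraction.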

References