enforce non-negative size in gzip parser

evanw · evanw · commit 0a9bf2135b67 · 2026-06-11T17:47:31.000-04:00
diff --git a/lib/deno/mod.ts b/lib/deno/mod.ts
@@ -130,7 +130,7 @@ function extractFileFromTarGzip(buffer: Uint8Array, file: string): Uint8Array {
     let name = str(offset, 100)
     let size = parseInt(str(offset + 124, 12), 8)
     offset += 512
-    if (!isNaN(size)) {
+    if (!isNaN(size) && size >= 0) {
       if (name === file) return buffer.subarray(offset, offset + size)
       offset += (size + 511) & ~511
     }
diff --git a/lib/npm/node-install.ts b/lib/npm/node-install.ts
@@ -94,7 +94,7 @@ function extractFileFromTarGzip(buffer: Buffer, subpath: string): Buffer {
     let name = str(offset, 100)
     let size = parseInt(str(offset + 124, 12), 8)
     offset += 512
-    if (!isNaN(size)) {
+    if (!isNaN(size) && size >= 0) {
       if (name === subpath) return buffer.subarray(offset, offset + size)
       offset += (size + 511) & ~511
     }

Original file line number	Diff line number	Diff line change
`@@ -130,7 +130,7 @@ function extractFileFromTarGzip(buffer: Uint8Array, file: string): Uint8Array {`
`130`	`130`	`let name = str(offset, 100)`
`131`	`131`	`let size = parseInt(str(offset + 124, 12), 8)`
`132`	`132`	`offset += 512`
`133`		`- if (!isNaN(size)) {`
	`133`	`+ if (!isNaN(size) && size >= 0) {`
`134`	`134`	`if (name === file) return buffer.subarray(offset, offset + size)`
`135`	`135`	`offset += (size + 511) & ~511`
`136`	`136`	`}`
Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,7 @@ function extractFileFromTarGzip(buffer: Buffer, subpath: string): Buffer {`
`94`	`94`	`let name = str(offset, 100)`
`95`	`95`	`let size = parseInt(str(offset + 124, 12), 8)`
`96`	`96`	`offset += 512`
`97`		`- if (!isNaN(size)) {`
	`97`	`+ if (!isNaN(size) && size >= 0) {`
`98`	`98`	`if (name === subpath) return buffer.subarray(offset, offset + size)`
`99`	`99`	`offset += (size + 511) & ~511`
`100`	`100`	`}`