From ddf32456778b71dcef91636306a996f9d8dc7d16 Mon Sep 17 00:00:00 2001
From: Harshavardhana <harsha@minio.io>
Date: Thu, 7 Jul 2016 01:30:34 -0700
Subject: [PATCH] xl/fs: offset and length cannot be negative. (#2121)

Fixes #2119
---
 erasure-readfile.go | 5 +++++
 erasure-utils.go    | 5 +++++
 fs-v1.go            | 4 ++++
 xl-v1-object.go     | 5 ++++-
 4 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/erasure-readfile.go b/erasure-readfile.go
index bc36ee31b..7cfe02880 100644
--- a/erasure-readfile.go
+++ b/erasure-readfile.go
@@ -175,6 +175,11 @@ func parallelRead(volume, path string, readDisks []StorageAPI, orderedDisks []St
 // then written to given writer. This function also supports bit-rot detection by
 // verifying checksum of individual block's checksum.
 func erasureReadFile(writer io.Writer, disks []StorageAPI, volume string, path string, partName string, eInfos []erasureInfo, offset int64, length int64, totalLength int64) (int64, error) {
+	// Offset and length cannot be negative.
+	if offset < 0 || length < 0 {
+		return 0, errUnexpected
+	}
+
 	// Pick one erasure info.
 	eInfo := pickValidErasureInfo(eInfos)
 
diff --git a/erasure-utils.go b/erasure-utils.go
index 45ab4ac65..ca7da6eeb 100644
--- a/erasure-utils.go
+++ b/erasure-utils.go
@@ -74,6 +74,11 @@ func getDataBlockLen(enBlocks [][]byte, dataBlocks int) int {
 // Writes all the data blocks from encoded blocks until requested
 // outSize length. Provides a way to skip bytes until the offset.
 func writeDataBlocks(dst io.Writer, enBlocks [][]byte, dataBlocks int, outOffset int64, outSize int64) (int64, error) {
+	// Offset and out size cannot be negative.
+	if outOffset < 0 || outSize < 0 {
+		return 0, errUnexpected
+	}
+
 	// Do we have enough blocks?
 	if len(enBlocks) < dataBlocks {
 		return 0, reedsolomon.ErrTooFewShards
diff --git a/fs-v1.go b/fs-v1.go
index 345c7d417..402e4c97c 100644
--- a/fs-v1.go
+++ b/fs-v1.go
@@ -217,6 +217,10 @@ func (fs fsObjects) GetObject(bucket, object string, offset int64, length int64,
 	if !IsValidObjectName(object) {
 		return ObjectNameInvalid{Bucket: bucket, Object: object}
 	}
+	// Offset and length cannot be negative.
+	if offset < 0 || length < 0 {
+		return toObjectErr(errUnexpected, bucket, object)
+	}
 	var totalLeft = length
 	bufSize := int64(readSizeV1)
 	if length > 0 && bufSize > length {
diff --git a/xl-v1-object.go b/xl-v1-object.go
index c30fe6133..2d06f3e86 100644
--- a/xl-v1-object.go
+++ b/xl-v1-object.go
@@ -48,7 +48,10 @@ func (xl xlObjects) GetObject(bucket, object string, startOffset int64, length i
 	if !IsValidObjectName(object) {
 		return ObjectNameInvalid{Bucket: bucket, Object: object}
 	}
-
+	// Start offset and length cannot be negative.
+	if startOffset < 0 || length < 0 {
+		return toObjectErr(errUnexpected, bucket, object)
+	}
 	// Lock the object before reading.
 	nsMutex.RLock(bucket, object)
 	defer nsMutex.RUnlock(bucket, object)