From 027f9eb6b03b5b3204325d6972b07c107cc39497 Mon Sep 17 00:00:00 2001
From: David Frank <david.frank@dfinity.org>
Date: Wed, 11 Jun 2025 20:10:11 +0200
Subject: [PATCH] Fix underflow when input is shorter than one sector

This also changes the error to InvalidSignature when the input is too short (it used to be ReadError in release mode and panic in debug mode).
---
 src/lib.rs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/lib.rs b/src/lib.rs
index 56685d4..44192b9 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -729,6 +729,10 @@ impl GPT {
         reader.seek(SeekFrom::Start(sector_size))?;
         let header = GPTHeader::read_from(&mut reader).or_else(|primary_err| {
             let len = reader.seek(SeekFrom::End(0))?;
+            if len < sector_size {
+                return Err(InvalidSignature);
+            }
+
             reader.seek(SeekFrom::Start((len / sector_size - 1) * sector_size))?;
 
             GPTHeader::read_from(&mut reader).map_err(|backup_err| {
@@ -1427,6 +1431,15 @@ mod test {
         assert!(GPT::find_from(&mut fs::File::open(DISK2).unwrap()).is_ok());
     }
 
+    #[test]
+    fn input_too_short() {
+        let mut empty = io::Cursor::new(vec![1; 5]);
+        assert!(matches!(
+            GPT::read_from(&mut empty, 512).expect_err("Should fail on short input"),
+            Error::InvalidSignature
+        ));
+    }
+
     #[test]
     fn find_backup() {
         fn test(path: &str, ss: u64) {