authorEdward Barnard2017-04-19 09:31:26 +0100
committerEdward Barnard2017-04-19 09:31:26 +0100
commit7079d594fa45495b411949d65d1d3a8f5dfecdcd (patch)
treeae500b3fd6453b76ff3a85593ecd429f8d2ba27e
parent1df5db005ea9959c4e19107997f446dc17095be4 (diff)
downloadrust-plist-7079d594fa45495b411949d65d1d3a8f5dfecdcd.tar.bz2
Fix reading small binary plists with data stored in the 6-byte trailer padding. Closes #20. (v0.1.3)
-rw-r--r--src/binary/reader.rs2
-rw-r--r--tests/fuzzer.rs22
2 files changed, 19 insertions, 5 deletions
diff --git a/src/binary/reader.rs b/src/binary/reader.rs
index 770b12f..d9bf667 100644
--- a/src/binary/reader.rs
+++ b/src/binary/reader.rs
@@ -93,7 +93,7 @@ impl<R: Read + Seek> EventReader<R> {
// File size minus trailer and header
// Truncated to max(usize)
- self.max_allocation = trailer_start.saturating_sub(6 + 8) as usize;
+ self.max_allocation = trailer_start.saturating_sub(8) as usize;
// Read offset table
try!(self.reader.seek(SeekFrom::Start(offset_table_offset)));
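Review bot: The `as usize` cast on the new `max_allocation` line wraps on targets where `usize` is narrower than the operand, which does not match the comment's "Truncated to max(usize)". Assuming `trailer_start` is a `u64`, clamping before the cast would make the code do what the comment says: `self.max_allocation = std::cmp::min(trailer_start.saturating_sub(8), usize::max_value() as u64) as usize;`. This value appears to be the cap on allocations driven by length fields read from an untrusted file, so the bare `8` also deserves a comment such as `// 8 = length of the "bplist00" header; the 6 trailer padding bytes are no longer subtracted (issue 20)`. The enclosing function starts and ends outside the hunk.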
diff --git a/tests/fuzzer.rs b/tests/fuzzer.rs
index 65ce8eb..827b8c5 100644
--- a/tests/fuzzer.rs
+++ b/tests/fuzzer.rs
@@ -1,7 +1,7 @@
extern crate plist;
use std::io::Cursor;
-use plist::Plist;
+use plist::{Plist, Result};
#[test]
fn too_large_allocation() {
@@ -27,8 +27,22 @@ fn binary_circular_reference() {
test_fuzzer_data_err(data);
}
-fn test_fuzzer_data_err(data: &[u8]) {
+// Issue 20 - not found by fuzzing but this is a convenient place to put the test.
+#[test]
+fn binary_with_data_in_trailer() {
+ let data = b"bplist00\xd0\x08\0\0\0\0\0\0\x01\x01\0\0\0\0\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\t";
+ test_fuzzer_data_ok(data);
+}
+
+fn test_fuzzer_data(data: &[u8]) -> Result<Plist> {
let cursor = Cursor::new(data);
- let res = Plist::read(cursor);
- assert!(res.is_err());
+ Plist::read(cursor)
+}
+
+fn test_fuzzer_data_ok(data: &[u8]) {
+ assert!(test_fuzzer_data(data).is_ok());
+}
+
+fn test_fuzzer_data_err(data: &[u8]) {
+ assert!(test_fuzzer_data(data).is_err());
}
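Review bot: `binary_with_data_in_trailer` only checks `is_ok()`, so a reader that accepts the file but decodes the wrong value would still pass. Asserting the parsed value would pin the fix (the `\xd0` marker looks like an empty dictionary). `test_fuzzer_data_ok` also discards the error when the read fails; if the crate's error type implements `Debug`, `test_fuzzer_data(data).unwrap();` would print the reason in the test output. A short comment above the byte string naming its parts (header, object, offset table, trailer) would make the fixture easier to audit.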