Skip to content

Fix ReadFullyAsync with ArrayPool buffer in SevenZipArchive signature check#1142

Merged
adamhathcock merged 2 commits intoadam/async-creationfrom
copilot/sub-pr-1132-another-one
Jan 16, 2026
Merged

Fix ReadFullyAsync with ArrayPool buffer in SevenZipArchive signature check#1142
adamhathcock merged 2 commits intoadam/async-creationfrom
copilot/sub-pr-1132-another-one

Conversation

Copy link
Contributor

Copilot AI commented Jan 16, 2026
edited
Loading

ArrayPool.Rent(6) may return buffers larger than 6 bytes, but ReadFullyAsync(buffer, cancellationToken) attempts to fill the entire buffer, causing reads beyond the intended 6-byte signature.

Changes

  • Changed ReadFullyAsync(buffer, cancellationToken) to ReadFullyAsync(buffer, 0, 6, cancellationToken) in SignatureMatchAsync
  • Now consistent with synchronous SignatureMatch which correctly uses ReadExact(buffer, 0, 6)
// Before: reads buffer.Length bytes (could be > 6)
if (!await stream.ReadFullyAsync(buffer, cancellationToken).ConfigureAwait(false))

// After: reads exactly 6 bytes
if (!await stream.ReadFullyAsync(buffer, 0, 6, cancellationToken).ConfigureAwait(false))

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI mentioned this pull request Jan 16, 2026
Merged
@adamhathcock
Fix ReadFullyAsync call to specify offset and count for ArrayPool buffer
b0fde2b 
Co-authored-by: adamhathcock <527620+adamhathcock@users.noreply.github.com>
Copilot AI changed the title [WIP] Address feedback from review on async creation cleanup PR Fix ReadFullyAsync with ArrayPool buffer in SevenZipArchive signature check Jan 16, 2026
Copilot AI requested a review from adamhathcock January 16, 2026 10:07
@adamhathcock adamhathcock marked this pull request as ready for review January 16, 2026 10:09
@adamhathcock adamhathcock merged commit 29f4c7f into adam/async-creation Jan 16, 2026
@adamhathcock adamhathcock deleted the copilot/sub-pr-1132-another-one branch January 16, 2026 10:09
This was referenced Feb 11, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Merged
Closed
Merged
Closed
Closed
Closed
Closed
Merged
@dependabot dependabot bot mentioned this pull request Feb 23, 2026
Closed
This was referenced Feb 23, 2026
Merged
Closed
Closed
Closed
Open
Closed
This was referenced Mar 2, 2026
Closed
Closed
Closed
Open
Open
Open
This was referenced Mar 9, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@adamhathcock adamhathcock adamhathcock approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@adamhathcock adamhathcock

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adamhathcock