mime/multipart: memory exhaustion due to no limit on line length #1528

Closed
masiulaniec opened this issue Feb 17, 2011 · 4 comments

@masiulaniec

The mime/multipart package does not impose line length limits. Maliciously crafted
messages will cause bufio to allocate memory in an infinite loop.

In general, bufio.ReadString('\n') should not be used against untrusted input. Its uses
should be rewritten to use the recently added encoding/line package.

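package main

import (
        "mime/multipart"
        "os"
)

// malicious is a reader that never returns a newline, EOF or an error.
type malicious struct{}

// Read reports the whole buffer as filled on every call, so a caller that
// reads until '\n' keeps growing its buffer. os.Error is the pre-Go 1 error type.
func (malicious) Read(b []byte) (n int, err os.Error) {
        return len(b), nil
}

func main() {
        r := multipart.NewReader(&malicious{}, "fooBoundary")
        // NextPart scans for the boundary line and never finds a line end.
        r.NextPart()
}
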
@rsc
Contributor

rsc commented Feb 17, 2011

Comment 1:

Owner changed to r...@golang.org.

Status changed to HelpWanted.

@rsc
Contributor

rsc commented Feb 17, 2011

Comment 2:

You can still use bufio; just use ReadSlice.
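
Added example, not part of the original thread and not the Go project's fix: a bounded line reader built on bufio.ReadSlice, run against a reader like the one in the report. The names `maxLine`, `ErrLineTooLong`, `endless`, `readLine` and `newLineReader` are assumptions made for this sketch, and it uses the current `error` type rather than `os.Error`.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"strings"
)

// maxLine is an assumed limit for this example; pick one that fits the protocol.
const maxLine = 4096

// ErrLineTooLong is a hypothetical error returned for over-long lines.
var ErrLineTooLong = errors.New("line exceeds limit")

// endless mimics the reader in the report: it claims to fill every buffer
// and never produces a newline, EOF or an error.
type endless struct{}

func (endless) Read(b []byte) (int, error) { return len(b), nil }

// newLineReader wraps r in a bufio.Reader whose buffer is capped at maxLine bytes.
func newLineReader(r io.Reader) *bufio.Reader { return bufio.NewReaderSize(r, maxLine) }

// readLine returns one line, including its '\n', of at most maxLine bytes.
// ReadSlice never grows the buffer: when it fills up without a delimiter it
// returns bufio.ErrBufferFull, which is reported here as ErrLineTooLong.
func readLine(br *bufio.Reader) ([]byte, error) {
	line, err := br.ReadSlice('\n')
	if err == bufio.ErrBufferFull {
		return nil, ErrLineTooLong
	}
	if err != nil {
		return nil, err // includes io.EOF on an unterminated final line
	}
	// Copy the result: the slice from ReadSlice is only valid until the next read.
	return append([]byte(nil), line...), nil
}

func main() {
	// Constructed inputs: an endless stream and a short well-formed line.
	_, err := readLine(newLineReader(endless{}))
	fmt.Println("endless input:", err)
	line, err := readLine(newLineReader(strings.NewReader("--fooBoundary\r\nrest")))
	fmt.Printf("normal input: %q %v\n", line, err)
}
```

The caller decides what to do with ErrLineTooLong; for untrusted input, rejecting the message bounds memory use at maxLine bytes per reader.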

@rsc
Contributor

rsc commented Apr 20, 2011

Comment 3:

seems topical

Owner changed to @bradfitz.

Status changed to Accepted.

@bradfitz
Contributor

Comment 4:

This issue was closed by revision ee154f5.

Status changed to Fixed.

@golang locked and limited conversation to collaborators on Jun 24, 2016
This issue was closed.