encoding/gob: harden against invalid input #2689
Owner changed to builder@golang.org.
Owner changed to @dsymonds.
Also, I double-checked and the code has some protection against huge message sizes. With a specific example it might be possible to harden that further. It would also be easy to allow programmer control of the upper limit of a message size or slice, but I am reluctant to do that because of the clumsiness and brittleness that would result.
One obvious thing I thought of is that if a slice or string (or similar) is encoded with a very large length, and there's not that many bytes in the stream, then there's no point in allocating memory for what is obviously an invalid message. However, gob is a stream encoding, so that doesn't make so much sense.
Status changed to WaitingForReply.
Here's a start with a framework for adding more test types. Kinds of fuzzing could also still be expanded. It's turned up two bugs though:

gotest -test.run=TestFuzzBug1
panic: runtime error: makeslice: len out of range [recovered]
panic: interface conversion: interface is runtime.errorString, not gob.gobError

gotest -test.run=TestFuzzBug2
an infinite loop or something that takes a really long time.

It's tricky to build more tests at present because I frequently hit one of these two.
This issue was closed by revision 9440d82.
Status changed to Fixed.
This issue was closed.
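A mutation harness in the spirit of the fuzz tests mentioned in the thread, as an added example that is not the attachment from the issue or the gob package's own test code. `Record`, `classify`, `sample` and `mutate` are hypothetical names; the recover wrapper shows how a caller can keep a decoder panic such as the `makeslice` one above from taking down the process.

```go
package main

import (
	"bytes"
	"encoding/gob"
	"fmt"
)

// Record is a constructed sample type with length-prefixed fields.
type Record struct {
	Name string
	Data []byte
}

// classify decodes untrusted bytes; a decoder panic is recovered and reported.
func classify(data []byte) (outcome string) {
	defer func() {
		if recover() != nil {
			outcome = "panicked"
		}
	}()
	if err := gob.NewDecoder(bytes.NewReader(data)).Decode(new(Record)); err != nil {
		return "rejected"
	}
	return "ok"
}

// sample returns a valid gob stream for a constructed Record.
func sample() []byte {
	var buf bytes.Buffer
	_ = gob.NewEncoder(&buf).Encode(Record{"alice", []byte{1, 2, 3}}) // in-memory write
	return buf.Bytes()
}

// mutate XORs each byte of a valid stream with three masks and tallies outcomes.
func mutate(valid []byte) map[string]int {
	counts := map[string]int{}
	for i := range valid {
		for _, mask := range []byte{0x01, 0x80, 0xFF} {
			m := append([]byte(nil), valid...)
			m[i] ^= mask
			counts[classify(m)]++
		}
	}
	return counts
}

func main() {
	fmt.Println(mutate(sample()))
}
```

Any non-zero `panicked` count marks an input worth saving as a regression test for the decoder.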