Search before asking
Version
v0.17.0
Component(s)
Go
Minimal reproduce step
Run these tests -
func TestReadLatin1OOMBug(t *testing.T) {
// Missing Error Check Causes Unbounded Rune Allocation
// We claim a massive size of 10,000 bytes, but provide an empty buffer.
buf := NewByteBuffer(nil)
err := &Error{}
// readLatin1 doesn't read the length itself, it takes it as an argument
result := readLatin1(buf, 10000, err)
// Before the fix, this allocates a slice of 10000 runes (zeros) and returns it as a string of null bytes.
// After the fix, it should return an empty string immediately when bounds check fails.
require.True(t, err.HasError(), "Expected an error due to out of bounds buffer")
require.Equal(t, "", result, "Expected an empty string due to missing data")
}
func TestReadInt32SliceOOMBug(t *testing.T) {
// Unbounded Allocation in Primitive Slice Deserializers
// We claim a size of 40,000 bytes, but provide no actual data.
buf := NewByteBuffer(nil)
buf.WriteLength(40000)
// Reset reader index so we can read what we just wrote
buf.SetReaderIndex(0)
err := &Error{}
result := ReadInt32Slice(buf, err)
// Before the fix, this allocates a slice of 10000 int32s (zeros) and returns it.
// After the fix, it should return an empty/nil slice immediately when bounds check fails.
assert.True(t, err.HasError(), "Expected an error due to out of bounds buffer")
assert.Equal(t, 0, len(result), "Expected an empty slice due to missing data")
}
Are you willing to submit a PR?
Search before asking
Version
v0.17.0
Component(s)
Go
Minimal reproduce step
Run these tests -
Are you willing to submit a PR?