Fix Antelope issues with memory checking #624
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Addresses the issues pointed out in #594, #595, #596, #597, #598, and #599.
The attack vector, as pointed out in the reports, is limited to when an attacker has access to insert DB queries directly, which should not be allowed for multiple reasons. Still, the reports will help remove some crashes on invalid input.
Next on the agenda is to create a new set of tests for storage (including tests for the aforementioned issues), but this will be addressed in a later PR.
Thanks to @cve-reporting for the report, and sorry for the late reply -- a long vacation just ended.
Fixes #594
Fixes #595
Fixes #596
Fixes #597
Fixes #598
Fixes #599