net: limit the size of ParseIP input? #43389
Maybe net.ParseIP shouldn't successfully parse IP addresses out of unbounded inputs?
Of course, in both those cases the data is already fully in memory, so most the harm has been done if this is attacker-controlled.
Still, a bit surprising. Intentional?
Some parsers reject past 3 digits per octet, so
The text was updated successfully, but these errors were encountered: