Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

archive, image, debug, encoding, x/net/html: DO NOT PANIC #47653

Open
FiloSottile opened this issue Aug 11, 2021 · 0 comments
Open

archive, image, debug, encoding, x/net/html: DO NOT PANIC #47653

FiloSottile opened this issue Aug 11, 2021 · 0 comments
Assignees
Labels
Milestone

Comments

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Aug 11, 2021

We have a number of packages that implement parsers where a panic might lead to a Denial of Service, but returning an invalid input error instead would be perfectly harmless. We should wrap them all in a recover() and prevent the panic from propagating, as a robustness and defense in depth measure.

We need to be careful about preserving documented panic conditions, and about not leaving behind persistent state that might be corrupt following a panic.

Ideas for other packages that can benefit are welcome. Crypto packages were intentionally left out, as we should be confident in their operation. math/big has a lot of entry points and persistent state by definition (and we have a plan to drag it out of the security perimeter).

/cc @golang/security

@FiloSottile FiloSottile added this to the Go1.18 milestone Aug 11, 2021
@FiloSottile FiloSottile self-assigned this Aug 11, 2021
@FiloSottile FiloSottile changed the title archive, image, encoding, x/net/html: DO NOT PANIC archive, image, debug, encoding, x/net/html: DO NOT PANIC Aug 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant