Join GitHub today
MPR7765: integer overflows when unmarshaling a bigarray #1718
Malicious or corrupted marshaled data can result in a bigarray
I believe there are other sources of security issues when unmarshaling malicious blocks, cf https://caml.inria.fr/mantis/view.php?id=7765#c19000
I'm in favor of documenting the unmarshaler as being unsafe in such a scenario (and I'm also in favor of merging this PR, of course).