Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Malformed crashdump causes OOM by allocating far too much memory #381

Closed
5225225 opened this issue Jan 3, 2022 · 2 comments · Fixed by #404
Closed

Malformed crashdump causes OOM by allocating far too much memory #381

5225225 opened this issue Jan 3, 2022 · 2 comments · Fixed by #404

Comments

@5225225
Copy link
Contributor

5225225 commented Jan 3, 2022

On the base64 decoded data of TURNUJOnAAAA/2ZmZFlmZmZmZkAKCmZwCrv///8K/wo=, it OOMs when parsing through the minidump::Minidump::read(data) method, and when running minidump-stackwalk (version 0.9.6), I get

# minidump-stackwalk crash.txt          
memory allocation of 45097156624 bytes failed
zsh: abort (core dumped)  minidump-stackwalk crash.txt
@Swatinem
Copy link
Collaborator

Swatinem commented Jan 3, 2022

I think this is related to #326.
Also ❤️ @5225225 I also saw your getsentry/symbolic#476 which shows a very similar issue.

@5225225
Copy link
Contributor Author

5225225 commented Jan 3, 2022

Yeah, both this crate and symbolic seems incredibly underfuzzed (as in, not at all) considering what they're doing.

I wouldn't expect any RCE or anything, it's Rust, not $memory_unsafe_language, but still, it would be nice if whatever processes crashes doesn't crash itself :D

@Swatinem Swatinem mentioned this issue Jan 26, 2022
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Guard memory reservations with bounds checks getsentry/rust-minidump
2 participants
@Swatinem @5225225