
May panic due to too large capacity #193

Open
StevenJiang1110 opened this issue Dec 15, 2020 · 1 comment

Comments


StevenJiang1110 commented Dec 15, 2020

If we provide a capacity too large, the program may crash.
The code to replay the crash is as below.

```rust
fn main() {
    // capacity far beyond what can be allocated: with_capacity crashes instead of returning an error
    let capacity = 673957684733028;
    let _ = json::object::Object::with_capacity(capacity);
}
```

I ran the code on my x86-64 machine (Ubuntu 18.04), and the error report is
[screenshot: 2020-12-15 2:06:19 PM, not included in the page]
I think it's better to restrict the capacity and return a Result instead of letting it crash alone, especially on x64 machines, where the length of usize is 64 bits.
The above was found by afl.rs.
Thanks a lot.

StevenJiang1110 (Author) commented

Another similar overflow panic issue is about json::parse(). If I pass a very long str, it may crash due to overflow.
I put the replay file at https://github.com/StevenJiang1110/afl_rust_crashes/tree/main/json/replay_json53-1.
I think it's better to restrict the input string len.
The above was found by afl.rs.
Thanks a lot.
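The two reports above ask for the same thing: a size that comes from untrusted input (a requested capacity, or the length of a document) should be rejected with an error before it reaches the allocator, rather than aborting the process. The following is an added example written for this thread, not code from the json crate or its maintainers; `Entry`, `Object`, `MAX_OBJECT_CAPACITY`, `MAX_INPUT_LEN` and the error types are assumed names and values chosen for illustration. It shows a fallible `try_with_capacity` with three distinct guards (the checked size arithmetic that `Layout::array` performs, an explicit policy bound, and a fallible reservation), and the same length gate applied to parser input as the second comment suggests.

```rust
use std::alloc::Layout;

/// Stand-in for one key/value slot of a JSON object (assumed shape; the real crate's
/// node type is larger, but any fixed-size element shows the same arithmetic).
#[allow(dead_code)]
pub struct Entry {
    key: String,
    value: String,
}

/// Policy bounds chosen for this example (assumed values, not the crate's).
pub const MAX_OBJECT_CAPACITY: usize = 1 << 20; // at most ~1M pre-allocated slots
pub const MAX_INPUT_LEN: usize = 8 << 20;       // refuse documents above 8 MiB up front

#[derive(Debug, PartialEq)]
pub enum CapacityError {
    /// capacity * size_of::<Entry>() overflows usize or exceeds isize::MAX
    Overflow(usize),
    /// capacity is allocatable in principle but above the policy bound
    TooLarge { requested: usize, max: usize },
    /// the allocator refused the (already bounded) request
    AllocFailed(usize),
}

#[derive(Debug, PartialEq)]
pub struct InputTooLong {
    pub len: usize,
    pub max: usize,
}

pub struct Object {
    entries: Vec<Entry>,
}

impl Object {
    /// Fallible counterpart of `with_capacity`: every failure path is an `Err`, never a panic.
    pub fn try_with_capacity(capacity: usize) -> Result<Object, CapacityError> {
        // 1. Arithmetic check: Layout::array does the same checked multiplication the
        //    allocator would, but returns Err instead of panicking on overflow.
        if Layout::array::<Entry>(capacity).is_err() {
            return Err(CapacityError::Overflow(capacity));
        }
        // 2. Policy check: 673957684733028 slots passes the arithmetic on x86-64 (the
        //    byte count still fits in isize) yet is an absurd reservation for a JSON
        //    object, so bound it explicitly.
        if capacity > MAX_OBJECT_CAPACITY {
            return Err(CapacityError::TooLarge { requested: capacity, max: MAX_OBJECT_CAPACITY });
        }
        // 3. Fallible allocation: try_reserve_exact reports allocator failure as an error
        //    instead of aborting the process.
        let mut entries = Vec::new();
        entries
            .try_reserve_exact(capacity)
            .map_err(|_| CapacityError::AllocFailed(capacity))?;
        Ok(Object { entries })
    }

    pub fn capacity(&self) -> usize {
        self.entries.capacity()
    }
}

/// Length gate to run before handing untrusted text to the parser: the parser
/// never sees an input whose size it cannot bound.
pub fn bounded_input(input: &str) -> Result<&str, InputTooLong> {
    if input.len() > MAX_INPUT_LEN {
        return Err(InputTooLong { len: input.len(), max: MAX_INPUT_LEN });
    }
    Ok(input)
}

fn main() {
    // Constructed inputs mirroring the issue: a sane size, the reported capacity,
    // and the usize::MAX edge case that overflows the size computation itself.
    for &cap in &[16usize, 673957684733028, usize::MAX] {
        match Object::try_with_capacity(cap) {
            Ok(obj) => println!("capacity {cap}: ok, reserved {}", obj.capacity()),
            Err(e) => println!("capacity {cap}: rejected: {e:?}"),
        }
    }
    let long = "x".repeat(MAX_INPUT_LEN + 1);
    println!("oversized input: {:?}", bounded_input(&long).map(|s| s.len()));
}
```

The order of the guards matters: the arithmetic check catches sizes where even computing the byte count would overflow, the policy bound catches the reported value (which passes the arithmetic on a 64-bit target), and only a request that survives both reaches the allocator through a call that can fail without aborting.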
