Fix potential large memory allocation in DerInputStream #43

Merged
merged 2 commits into from
Jul 9, 2024


@nhartner nhartner commented Jul 9, 2024

The object length limit check was adding 2 int values which could result in an overflow exception, allowing very large lengths to bypass the limit enforcement. Now the limit check casts the value to a long before doing addition to avoid integer overflow.


@sappenin sappenin left a comment


LGTM

@codecov-commenter

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.77%. Comparing base (f50ad63) to head (c79b2cf).

Additional details and impacted files
@@             Coverage Diff              @@
##             master      #43      +/-   ##
============================================
+ Coverage     82.32%   82.77%   +0.44%     
- Complexity      174      176       +2     
============================================
  Files            33       33              
  Lines          1126     1126              
  Branches         99       99              
============================================
+ Hits            927      932       +5     
+ Misses          153      149       -4     
+ Partials         46       45       -1     


@nhartner nhartner merged commit 2efc064 into master Jul 9, 2024
1 check passed
@nhartner nhartner deleted the fix-integer-overflow-check branch July 9, 2024 23:06
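
The limit-check bypass this pull request fixes, shown as an added Java example that is not the project's code: Java `int` addition wraps silently, so a declared length near `Integer.MAX_VALUE` makes an int-only sum negative and the check passes, while widening to `long` before adding rejects it. The class, method names and `MAX_OBJECT_LENGTH` value are hypothetical, and the input bytes are constructed.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

public class LengthLimitCheck {
    // Hypothetical cap on a decoded object's total size (not the project's value).
    static final int MAX_OBJECT_LENGTH = 8192;

    // Before: both operands are int, so the sum wraps to a negative number
    // when declaredLength is close to Integer.MAX_VALUE and the check passes.
    static boolean withinLimitInt(int bytesRead, int declaredLength) {
        return bytesRead + declaredLength <= MAX_OBJECT_LENGTH;
    }

    // After: widen one operand to long first, so the addition cannot overflow.
    static boolean withinLimitLong(int bytesRead, int declaredLength) {
        return declaredLength >= 0
            && (long) bytesRead + declaredLength <= MAX_OBJECT_LENGTH;
    }

    // DER-style length octets: 0x84 means "4 length bytes follow".
    static int readLength(DataInputStream in) throws IOException {
        int first = in.readUnsignedByte();
        if (first < 0x80) return first;      // short form
        int n = first & 0x7f;
        if (n == 0 || n > 4) throw new IOException("unsupported length form");
        int len = 0;
        for (int i = 0; i < n; i++) len = (len << 8) | in.readUnsignedByte();
        return len;
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: OCTET STRING tag, then length 0x7FFFFFFF, no body.
        byte[] input = {0x04, (byte) 0x84, 0x7f, (byte) 0xff, (byte) 0xff, (byte) 0xff};
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(input));
        in.readUnsignedByte();               // tag
        int declared = readLength(in);
        int bytesRead = input.length;        // 6 bytes consumed so far

        System.out.println("declared length   = " + declared);
        System.out.println("int check passes  = " + withinLimitInt(bytesRead, declared));
        System.out.println("long check passes = " + withinLimitLong(bytesRead, declared));
        if (withinLimitLong(bytesRead, declared)) {
            byte[] body = new byte[declared]; // only reached for lengths under the cap
            in.readFully(body);
        }
    }
}
```

`Math.addExact(bytesRead, declaredLength)` is an alternative that throws `ArithmeticException` on overflow instead of widening.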
3 participants