Issue 11094044: code review 11094044: goprotobuf: fix integer overflows.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 11094044: code review 11094044: goprotobuf: fix integer overflows.

Can't Edit
Can't Publish+Mail
Start Review

Created:
10 years, 9 months ago by agl1

Modified:
10 years, 9 months ago

Reviewers:
dsymonds

CC:
dsymonds, golang-dev

Visibility:
Public.

Description

goprotobuf: fix integer overflows. 1) It's possible to panic the decoder by overflowing a length check. 2) (minor) the decoder was silently truncating varints that were larger than 64 bits. This isn't strictly a problem, but it could lead to a situation where a different decoder could decode a given message differently. Thus, if the message was vetted by one decoder and processed by another, an attacker could exploit this difference.

Patch Set 1 #

Patch Set 2 : diff -r c31cbc77cd48 https://code.google.com/p/goprotobuf #

Patch Set 3 : diff -r c31cbc77cd48 https://code.google.com/p/goprotobuf #

Patch Set 4 : diff -r c31cbc77cd48 https://code.google.com/p/goprotobuf #

Created: 10 years, 9 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+39 lines, -11 lines)			Patch
	M	proto/all_test.go	View	1	1 chunk	+14 lines, -0 lines	0 comments	Download
	M	proto/decode.go	View	1 2	11 chunks	+25 lines, -11 lines	0 comments	Download

Messages

Total messages: 4

Expand All Messages | Collapse All Messages

agl1

Hello golang-dev@googlegroups.com (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://code.google.com/p/goprotobuf

10 years, 9 months ago (2013-07-10 13:17:46 UTC) #1

dsymonds

10 years, 9 months ago (2013-07-13 04:55:35 UTC) #4

*** Submitted as
https://code.google.com/p/goprotobuf/source/detail?r=efc3fe235756 ***

goprotobuf: fix integer overflows.

1) It's possible to panic the decoder by overflowing a length check.

2) (minor) the decoder was silently truncating varints that were larger than 64
bits. This isn't strictly a problem, but it could lead to a situation where a
different decoder could decode a given message differently. Thus, if the message
was vetted by one decoder and processed by another, an attacker could exploit
this difference.

R=dsymonds
CC=golang-dev
https://codereview.appspot.com/11094044

Committer: David Symonds <dsymonds@golang.org>

Expand All Messages | Collapse All Messages