Prevent excessive memory allocation while decoding
breml opened this issue · 2 comments
breml commented
I played around with go-fuzz (https://github.com/dvyukov/go-fuzz) to find possible problems in this go package.
Until now I did not discover any crashes, but I found some unchecked memory allocations, where it is possible a huge amount of memory with specially crafted packets, because the respective lengths, privided in the sflow package are not checked against an upper limit.
I tried to find some reasonable maximum values and suggest:
- for maximum record length: MAX_PKT_SIZ (65536) from sflow reference implementation: https://github.com/sflow/sflowtool/blob/bd3df6e11bdf8261a42734c619abfe8b46e1202f/src/sflowtool.c#L4313
- for maximum header length: maximum transmission unit (MTU), as the header of a network packet may not exceed the MTU.
breml commented
Just found out, there is a better maximum value for header length: https://github.com/sflow/sflowtool/blob/bd3df6e11bdf8261a42734c619abfe8b46e1202f/src/sflowtool.h#L28
Preetam commented
Thanks!