rust-minidump/rust-minidump

Malformed crashdump causes OOM by allocating far too much memory

5225225 opened this issue · 2 comments

On the base64 decoded data of TURNUJOnAAAA/2ZmZFlmZmZmZkAKCmZwCrv///8K/wo=, it OOMs when parsing through the minidump::Minidump::read(data) method, and when running minidump-stackwalk (version 0.9.6), I get

```
# minidump-stackwalk crash.txt
memory allocation of 45097156624 bytes failed
zsh: abort (core dumped)  minidump-stackwalk crash.txt
```

I think this is related to #326.
Also ❤️ @5225225 I also saw your getsentry/symbolic#476 which shows a very similar issue.

Yeah, both this crate and symbolic seem incredibly underfuzzed (as in, not at all) considering what they're doing.

I wouldn't expect any RCE or anything, it's Rust, not $memory_unsafe_language, but still, it would be nice if whatever processes crashes doesn't crash itself :D
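
The usual defence against the failure reported in this thread is to compare any count read from the file with the bytes actually present before allocating. The sketch below is an added example, not part of the thread and not rust-minidump's code; it assumes the standard minidump layout (32-byte header, 12-byte directory entries), and `read_directory`, `sample_header` and `ParseError` are hypothetical names.

```rust
// Added example (hypothetical names): bound an untrusted count by the input length.
const HEADER_LEN: usize = 32; // size of MINIDUMP_HEADER
const DIR_ENTRY_LEN: usize = 12; // MINIDUMP_DIRECTORY: stream_type, data_size, rva

#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated,
    BadSignature,
    DirectoryOutOfBounds { claimed_bytes: u64, available: u64 },
}

fn u32_at(data: &[u8], off: usize) -> Option<u32> {
    let b = data.get(off..off.checked_add(4)?)?;
    Some(u32::from_le_bytes([b[0], b[1], b[2], b[3]]))
}

/// Returns (stream_type, data_size, rva) for each stream directory entry.
pub fn read_directory(data: &[u8]) -> Result<Vec<(u32, u32, u32)>, ParseError> {
    if data.len() < HEADER_LEN { return Err(ParseError::Truncated); }
    if &data[0..4] != b"MDMP" { return Err(ParseError::BadSignature); }
    let count = u32_at(data, 8).ok_or(ParseError::Truncated)? as u64;
    let rva = u32_at(data, 12).ok_or(ParseError::Truncated)? as u64;
    // Both fields are attacker-controlled: compute in u64 so nothing wraps,
    // then compare with the real input length before reserving any memory.
    let claimed_bytes = count * DIR_ENTRY_LEN as u64;
    let available = (data.len() as u64).saturating_sub(rva);
    if claimed_bytes > available {
        return Err(ParseError::DirectoryOutOfBounds { claimed_bytes, available });
    }
    let mut entries = Vec::with_capacity(count as usize); // at most data.len() / 12
    for i in 0..count as usize {
        let off = rva as usize + i * DIR_ENTRY_LEN;
        let field = |k: usize| u32_at(data, off + k).ok_or(ParseError::Truncated);
        entries.push((field(0)?, field(4)?, field(8)?));
    }
    Ok(entries)
}

/// Constructed sample input: a header-only file with the given count and offset.
pub fn sample_header(count: u32, rva: u32) -> Vec<u8> {
    let mut v = Vec::with_capacity(HEADER_LEN);
    for w in [0x504D_444Du32, 0xA793, count, rva] { v.extend_from_slice(&w.to_le_bytes()); }
    v.resize(HEADER_LEN, 0);
    v
}

fn main() {
    println!("{:?}", read_directory(&sample_header(u32::MAX, 32)));
}
```

A fuzz target that calls the parser on arbitrary bytes exercises exactly this path, which is the gap the last comment points at.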