beginRaw does not check for excessive lengths
Closed this issue · 1 comments
Hackerpilot commented
The code for beginRaw
currently looks like this:
void beginRaw(in size_t length)
{
if (length < 32) {
...
} else if (length < 65536) {
...
} else {
const temp = convertEndianTo!32(length);
...
}
}
The convertEndianTo
function does not check for lengths too large to fit in 32 bits, so it's possible to generate invalid MessagePack output with very large byte arrays.
repeatedly commented
Ah, I see. Thanks for pointhing this out!