From 376cea3a7e2c790391bf51fb3d0e4626746a6ca9 Mon Sep 17 00:00:00 2001 From: Alexey Galakhov Date: Mon, 2 Jul 2018 18:11:00 +0200 Subject: [PATCH] frame: reject frames that are too big for the RAM Fixes #34. Signed-off-by: Alexey Galakhov --- src/protocol/frame/frame.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/protocol/frame/frame.rs b/src/protocol/frame/frame.rs index 1dc19be..cbecfc3 100644 --- a/src/protocol/frame/frame.rs +++ b/src/protocol/frame/frame.rs @@ -344,11 +344,17 @@ impl Frame { None }; + // Make sure `length` is not too big (fits into `usize`). + if length > usize::max_value() as u64 { + return Err(Error::Capacity(format!("Message length too big: {}", length).into())); + } + if size < header_length || size - header_length < length { cursor.set_position(initial); return Ok(None) } + // Size is checked above, so it won't be truncated here. let mut data = Vec::with_capacity(length as usize); if length > 0 { unsafe { @@ -520,7 +526,6 @@ mod tests { 0x83, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, ]); - let frame_none = Frame::parse(&mut raw).unwrap(); - assert!(frame_none.is_none()); + let _ = Frame::parse(&mut raw); // should not crash } }