David Nadoba de1c80ad1f
fix crash in LengthFieldBasedFrameDecoder for malicious length values (#115)
* fix crash in LengthFieldBasedFrameDecoder for malicious length values

Motivation:

LengthFieldBasedFrameDecoder will cause a fatal error if the length value does not fit into an `Int`.
This can happen if `lengthFieldLength` is set to `.eight` and we are on a 64-bit platform or if `lengthFieldLength` is set to `.four` and we are on a 32-bit platform.
If we then receive a length field value which is greater than `Int.max`, the conversion from `UInt` to `Int` will cause a fatal error.
This could be abused to crash a server by only sending 4 or 8 bytes.

Modifications:

Safely convert UInt64 & UInt32 to Int and throw an error if they can't be represented as an Int.

Result:

- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.eight` can no longer crash the server on a 64-bit platform
- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.four` can no longer crash the server on a 32-bit platform

* use early exit instead of XCTSkipIf

* add support for `.eight` on 32-bit platforms

* limit frame length to `Int32.max`

* change test names

* throw correct error

* fix compilation for Swift 5.0 and add NIO prefix to error enum

* add test for maximum allowed length and one above the maximum allowed length

Signed-off-by: David Nadoba <dnadoba@gmail.com>

* run XCTest script

Signed-off-by: David Nadoba <dnadoba@gmail.com>

Co-authored-by: Johannes Weiss <johannesweiss@apple.com>
2021-02-18 12:37:41 +00:00
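
The conversion problem and the bounds check described in the commit message above, as an added Swift example that is not the project's own code. The names `readFrameLength`, `FrameLengthError`, `LengthFieldWidth` and `maxFrameLength` are hypothetical, a big-endian length prefix is assumed, and the sample byte arrays are constructed.

```swift
// Added illustration; every name here is hypothetical, not the decoder's API.
enum FrameLengthError: Error {
    case incompleteLengthField
    case lengthNotRepresentable(UInt64)
    case frameTooLarge(Int)
}

enum LengthFieldWidth: Int {
    case four = 4
    case eight = 8
}

// Upper bound on an accepted frame, following "limit frame length to `Int32.max`".
let maxFrameLength = Int(Int32.max)

/// Reads a big-endian length prefix (assumed byte order) and validates it.
func readFrameLength(from bytes: [UInt8], width: LengthFieldWidth) throws -> Int {
    guard bytes.count >= width.rawValue else {
        throw FrameLengthError.incompleteLengthField
    }
    // Assemble in UInt64 so the raw wire value is never truncated.
    let raw = bytes.prefix(width.rawValue).reduce(UInt64(0)) { ($0 << 8) | UInt64($1) }

    // `Int(raw)` traps when raw > Int.max; `Int(exactly:)` returns nil instead.
    guard let length = Int(exactly: raw) else {
        throw FrameLengthError.lengthNotRepresentable(raw)
    }
    guard length <= maxFrameLength else {
        throw FrameLengthError.frameTooLarge(length)
    }
    return length
}

// Constructed sample length fields, including the boundary cases.
let samples: [(String, [UInt8], LengthFieldWidth)] = [
    ("small frame", [0x00, 0x00, 0x00, 0x10], .four),
    ("exactly Int32.max", [0x7F, 0xFF, 0xFF, 0xFF], .four),
    ("one above Int32.max", [0x80, 0x00, 0x00, 0x00], .four),
    ("all bits set, 8 bytes", [UInt8](repeating: 0xFF, count: 8), .eight),
]

for (name, bytes, width) in samples {
    do {
        let length = try readFrameLength(from: bytes, width: width)
        print("\(name): accepted, length \(length)")
    } catch {
        print("\(name): rejected (\(error))")
    }
}
```

On a 64-bit platform the third sample is rejected by the `maxFrameLength` check, while on a 32-bit platform it already fails the `Int(exactly:)` conversion; in both cases the caller gets an error it can handle rather than a process abort.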