1
1
mirror of https://github.com/wader/fq.git synced 2024-11-27 06:04:47 +03:00

Merge pull request #47 from wader/matroska-max-tag-size-only-strings

matroska: Assert sane tag size only for strings
This commit is contained in:
Mattias Wadman 2022-01-01 19:46:39 +01:00 committed by GitHub
commit ce64d5854c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -178,14 +178,27 @@ func decodeMaster(d *decode.D, bitsLimit int64, tag ebml.Tag, dc *decodeContext)
// The end of a Master-element with unknown size is determined by the beginning of the next // The end of a Master-element with unknown size is determined by the beginning of the next
// element that is not a valid sub-element of that Master-element // element that is not a valid sub-element of that Master-element
// TODO: should also handle garbage between // TODO: should also handle garbage between
const maxTagSize = 100 * 1024 * 1024 const maxStringTagSize = 100 * 1024 * 1024
tagSize := d.FieldUFn("size", decodeVint, d.RequireURange(0, maxTagSize)) tagSize := d.FieldUFn("size", decodeVint)
if tagSize > 8 && // assert sane tag size
(a.Type == ebml.Integer || // TODO: strings are limited for now because they are read into memory
a.Type == ebml.Uinteger || switch a.Type {
a.Type == ebml.Float) { case ebml.Integer,
d.Fatalf("invalid tagSize %d for non-master type", tagSize) ebml.Uinteger,
ebml.Float:
if tagSize > 8 {
d.Fatalf("invalid tagSize %d for number type", tagSize)
}
case ebml.String,
ebml.UTF8:
if tagSize > maxStringTagSize {
d.Errorf("tagSize %d > maxStringTagSize %d", tagSize, maxStringTagSize)
}
case ebml.Binary,
ebml.Date,
ebml.Master:
// nop
} }
optionalMap := func(sm scalar.Mapper) scalar.Mapper { optionalMap := func(sm scalar.Mapper) scalar.Mapper {