From 71b31a0063e0f5aeefd6956ed10d530f4237239e Mon Sep 17 00:00:00 2001 From: leonardo-albertovich Date: Tue, 14 Nov 2023 20:55:07 +0100 Subject: [PATCH] core: memory exhaustion bug fix (#45) Signed-off-by: Leonardo Alminana --- include/ctraces/ctr_variant_utils.h | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/include/ctraces/ctr_variant_utils.h b/include/ctraces/ctr_variant_utils.h index c338be1..d8f2516 100644 --- a/include/ctraces/ctr_variant_utils.h +++ b/include/ctraces/ctr_variant_utils.h @@ -22,6 +22,10 @@ #include +#define CFL_VARIANT_UTILS_MAXIMUM_FIXED_ARRAY_SIZE 100 +#define CFL_VARIANT_UTILS_INITIAL_ARRAY_SIZE 100 +#define CFL_VARIANT_UTILS_SERIALIZED_ARRAY_SIZE_LIMIT 100000 + /* These are the only functions meant for general use, * the reason why the kvlist packing and unpacking * functions are exposed is the internal and external @@ -226,12 +230,25 @@ static inline int unpack_cfl_array(mpack_reader_t *reader, entry_count = mpack_tag_array_count(&tag); - internal_array = cfl_array_create(entry_count); + if (entry_count >= CFL_VARIANT_UTILS_SERIALIZED_ARRAY_SIZE_LIMIT) { + return -2; + } + + if (entry_count >= CFL_VARIANT_UTILS_MAXIMUM_FIXED_ARRAY_SIZE) { + internal_array = cfl_array_create(CFL_VARIANT_UTILS_INITIAL_ARRAY_SIZE); + } + else { + internal_array = cfl_array_create(entry_count); + } if (internal_array == NULL) { return -3; } + if (entry_count >= CFL_VARIANT_UTILS_MAXIMUM_FIXED_ARRAY_SIZE) { + cfl_array_resizable(internal_array, CFL_TRUE); + } + for (index = 0 ; index < entry_count ; index++) { result = unpack_cfl_variant(reader, &entry_value);
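Review bot: The three macros added in the first hunk carry a `CFL_` prefix although they are defined in `include/ctraces/ctr_variant_utils.h`, so they can clash with a macro of the same name but a different value in any other header included alongside this one; a `CTR_` prefix would keep them in this project's namespace. They are also undocumented, and the second hunk compares against them with `>=`, so "MAXIMUM" and "LIMIT" are in fact exclusive bounds. A comment above the last one, for example `/* arrays that declare this many entries or more are rejected while unpacking */`, would make the boundary explicit. It would also help to state why the fixed-size threshold and the initial size are separate constants when both are 100.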
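Review bot: The new `entry_count` check in unpack_cfl_array bounds each array on its own, but nothing in this hunk limits nesting depth or the total number of entries in one message. If unpack_cfl_variant can re-enter unpack_cfl_array for nested arrays (that path is outside the hunk), memory use and recursion depth are still driven by the untrusted input, only at a lower amplification. At minimum, record the scope of the guard above the check, for example `/* per-array bound only: nesting depth and total entries are not limited here */`, and consider a depth or entry budget passed down through the unpackers. The rejection returns `-2` without explanation, so if that value is already used for another failure earlier in the function, callers and logs cannot tell an oversized array from malformed data. The function body starts and ends outside the hunk.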