Skip to content

Added hardened boundary condition checks. #71

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Mar 17, 2022
Merged

Added hardened boundary condition checks. #71

merged 13 commits into from
Mar 17, 2022

Conversation

@JonathanHenson
Copy link
Contributor

@JonathanHenson JonathanHenson commented Jan 5, 2022

added some assertions and error checking. Also removed some OOM handling since that's no longer possible.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@JonathanHenson JonathanHenson requested a review from a team January 5, 2022 01:42
graebm
graebm reviewed Jan 5, 2022
View reviewed changes
bretambrose
bretambrose approved these changes Mar 17, 2022
View reviewed changes
source/event_stream.c
header.header_value_type = (enum aws_event_stream_header_value_type) * buffer;
buffer++;
aws_byte_cursor_read_u8(&buffer_cur, &header.header_name_len);
AWS_RETURN_ERROR_IF(header.header_name_len <= INT8_MAX, AWS_ERROR_EVENT_STREAM_MESSAGE_INVALID_HEADERS_LEN);
Copy link
Contributor

@bretambrose bretambrose Mar 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I stared at this macro name thinking "what the hell?" for about 5 minutes before looking up the definition and seeing the !

Unfortunate.

@bretambrose bretambrose merged commit 53691ff into main Mar 17, 2022
@bretambrose bretambrose deleted the boundary_hardening branch March 17, 2022 18:01
sertonix added a commit to sertonix/aws-c-event-stream that referenced this pull request Oct 10, 2025
@sertonix
Fix on big-endian
d4e06c9 
Writing to the first byte of a multi-byte int value is inconsistent
between endianess. Using a uint8_t value in between allows for correct
results on big-endian systems as well.

Fixes 53691ff Added hardened boundary condition checks. (awslabs#71)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graebm graebm graebm left review comments

@bretambrose bretambrose bretambrose approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JonathanHenson @bretambrose @graebm