demostf/parser
1
0
Fork 0
mirror of https://codeberg.org/demostf/parser.git synced 2026-06-05 02:54:10 +02:00
Code Issues Releases Wiki Activity

harden against dos with crafted input by limiting reserved vec/map size

Browse source
This commit is contained in:
Robin Appelman 2020-01-19 22:13:12 +01:00
commit 3caadadb3b
7 changed files with 14 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/demo/sendprop.rs
View file

@ -11,6 +11,7 @@ use crate::demo::packet::datatable::SendTableName;
use crate::demo::parser::MalformedSendPropDefinitionError;
use parse_display::Display;
use serde::export::TryFrom;
use std::cmp::min;
use std::convert::TryInto;
use std::fmt;
use std::rc::Rc;
@ -423,7 +424,7 @@ impl SendPropValue {
) + 1;
let count = stream.read_int(num_bits as usize)?;
let mut values = Vec::with_capacity(count);
let mut values = Vec::with_capacity(min(count, 128));
let child_definition = definition
.array_property