diff options
| author | Damien Neil <dneil@google.com> | 2024-01-16 15:37:52 -0800 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2024-03-05 18:31:56 +0000 |
| commit | 16e5d24480dca7ddcbdffb78a8ed5de3e5155dec (patch) | |
| tree | ef96dc356836fc01f720486be044406f276208aa /src/database | |
| parent | 821bf37819ec170cadbc9e44a7471f7613611c41 (diff) | |
| download | go-16e5d24480dca7ddcbdffb78a8ed5de3e5155dec.tar.xz | |
net/textproto, mime/multipart: avoid unbounded read in MIME header
mime/multipart.Reader.ReadForm allows specifying the maximum amount
of memory that will be consumed by the form. While this limit is
correctly applied to the parsed form data structure, it was not
being applied to individual header lines in a form.
For example, when presented with a form containing a header line
that never ends, ReadForm will continue to read the line until it
runs out of memory.
Limit the amount of data consumed when reading a header.
Fixes CVE-2023-45290
Fixes #65383
Change-Id: I7f9264d25752009e95f6b2c80e3d76aaf321d658
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2134435
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/569341
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Diffstat (limited to 'src/database')
0 files changed, 0 insertions, 0 deletions