Inicio Explorar Axuda
Iniciar sesión
txlyre
/
3x-ui
réplica de https://github.com/MHSanaei/3x-ui
1
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

fix(client): guard against int overflow in ClientWithAttachments marshal

CodeQL flagged go/allocation-size-overflow on len(rec)+len(extra) feeding
make's capacity. Not exploitable in practice (both come from json.Marshal
of bounded structs), but add an explicit MaxInt guard to silence the
analyzer and make the precondition obvious.
MHSanaei hai 3 semanas
pai
66f946ee54
achega
788c979ad1
Modificáronse 1 ficheiros con 4 adicións e 0 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 4 0
      web/service/client.go

+ 4 - 0
web/service/client.go
Ver ficheiro 

@@ -6,6 +6,7 @@ import (
 
 	"encoding/json"
 
 	"errors"
 
 	"fmt"
 
+	"math"
 
 	"strings"
 
 	"sync"
 
 	"time"
 
@@ -47,6 +48,9 @@ func (c ClientWithAttachments) MarshalJSON() ([]byte, error) {
 
 	if len(rec) < 2 || rec[len(rec)-1] != '}' || len(extra) <= 2 {
 
 		return rec, nil
 
 	}
 
+	if len(extra) > math.MaxInt-len(rec) {
 
+		return rec, nil
 
+	}
 
 	out := make([]byte, 0, len(rec)+len(extra))
 
 	out = append(out, rec[:len(rec)-1]...)
 
 	if len(rec) > 2 {