Home Explore Help
Sign In
txlyre
/
3x-ui
mirror of https://github.com/MHSanaei/3x-ui
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix(client): guard against int overflow in ClientWithAttachments marshal

CodeQL flagged go/allocation-size-overflow on len(rec)+len(extra) feeding
make's capacity. Not exploitable in practice (both come from json.Marshal
of bounded structs), but add an explicit MaxInt guard to silence the
analyzer and make the precondition obvious.
MHSanaei 21 hours ago
parent
66f946ee54
commit
788c979ad1
1 changed files with 4 additions and 0 deletions
Unified View Show Diff Stats
  1. 4 0
      web/service/client.go

+ 4 - 0
web/service/client.go
View File 

@@ -6,6 +6,7 @@ import (
 
 	"encoding/json"
 
 	"encoding/json"
 
 	"errors"
 
 	"errors"
 
 	"fmt"
 
 	"fmt"
 
+	"math"
 
 	"strings"
 
 	"strings"
 
 	"sync"
 
 	"sync"
 
 	"time"
 
 	"time"
 
@@ -47,6 +48,9 @@ func (c ClientWithAttachments) MarshalJSON() ([]byte, error) {
 
 	if len(rec) < 2 || rec[len(rec)-1] != '}' || len(extra) <= 2 {
 
 	if len(rec) < 2 || rec[len(rec)-1] != '}' || len(extra) <= 2 {
 
 		return rec, nil
 
 		return rec, nil
 
 	}
 
 	}
 
+	if len(extra) > math.MaxInt-len(rec) {
 
+		return rec, nil
 
+	}
 
 	out := make([]byte, 0, len(rec)+len(extra))
 
 	out := make([]byte, 0, len(rec)+len(extra))
 
 	out = append(out, rec[:len(rec)-1]...)
 
 	out = append(out, rec[:len(rec)-1]...)
 
 	if len(rec) > 2 {
 
 	if len(rec) > 2 {