Mirrors/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2026-05-21 13:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: reject malformed network input in parsers (#1340)

Browse Source 
## Summary
- validate handshake metadata field lengths before fixed-size reads
- reject truncated multicast advertisements before slicing the hash
payload
- add regression tests for malformed and truncated input

## Why
Both parsers currently trust length information from the incoming
payload a bit too much. Malformed network input can reach fixed-size
reads/slices and panic the process instead of being rejected cleanly.

## Testing
- go test ./...
This commit is contained in:
Alex Melan
2026-04-11 14:04:12 +03:00
committed by GitHub
parent 2527290bfd
commit bc72b106b7
4 changed files with 126 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/multicast/advertisement.go
View File

@@ -26,14 +26,18 @@ func (m *multicastAdvertisement) MarshalBinary() ([]byte, error) {
}
func (m *multicastAdvertisement) UnmarshalBinary(b []byte) error {
if len(b) < ed25519.PublicKeySize+8 {
const headerLen = ed25519.PublicKeySize + 8
if len(b) < headerLen {
return fmt.Errorf("invalid multicast beacon")
}
m.MajorVersion = binary.BigEndian.Uint16(b[0:2])
m.MinorVersion = binary.BigEndian.Uint16(b[2:4])
m.PublicKey = append(m.PublicKey[:0], b[4:4+ed25519.PublicKeySize]...)
m.Port = binary.BigEndian.Uint16(b[4+ed25519.PublicKeySize : 6+ed25519.PublicKeySize])
dl := binary.BigEndian.Uint16(b[6+ed25519.PublicKeySize : 8+ed25519.PublicKeySize])
m.Hash = append(m.Hash[:0], b[8+ed25519.PublicKeySize:8+ed25519.PublicKeySize+dl]...)
dl := int(binary.BigEndian.Uint16(b[6+ed25519.PublicKeySize : 8+ed25519.PublicKeySize]))
if len(b) < headerLen+dl {
return fmt.Errorf("invalid multicast beacon")
}
m.Hash = append(m.Hash[:0], b[headerLen:headerLen+dl]...)
return nil
}