-
Notifications
You must be signed in to change notification settings - Fork 310
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integer overflow when parsing long URL #870
Comments
I have another URL of this kind, along with a reproducer directly in the Rust playground. The panic only happens in debug mode due to an integer overflow. In release mode, there is an Idna error. |
Here is another Rust playground example of the same overflow, but using a smaller URL. |
And another new test-case, which fails in the same spot. clusterfuzz-testcase-minimized-gix-url-parse-5849655294164992.zip It's sad that the fuzzer keeps creating new cases for the same issue, and I will stop reporting these here now. |
Fixed by #877 |
When parsing the attached URL (long.url.zip) with
url::Url::parse()
when compiled with overflow checks, there will be an overflow inidna
with the panic.Without overflow checks, the same will cause an
IdnaError
to be created, but won't panic.Since the URL is very long, I suppose that this issue can be prevented by avoiding to parse unrealistically long host and domain names, which makes this issue related to #868 .
The text was updated successfully, but these errors were encountered: