Skip to content

userdata: fix out-of-bounds panic in Get#359

Open
aojea wants to merge 1 commit intogoogle:mainfrom
aojea:get_common_oob
Open

userdata: fix out-of-bounds panic in Get#359
aojea wants to merge 1 commit intogoogle:mainfrom
aojea:get_common_oob

Conversation

@aojea
Copy link
Contributor

@aojea aojea commented Mar 6, 2026

The Get function previously attempted to slice the userdata buffer before verifying that the buffer was large enough to contain the declared length. This would cause a panic when processing truncated or malformed data.

This patch adds a bounds check to ensure the remaining slice length is sufficient before performing the sub-slice operation.

Added a regression test to verify that malformed TLV data is handled gracefully without panicking.

@aojea
userdata: fix out-of-bounds panic in Get
6a6c2c5 
The Get function previously attempted to slice the userdata buffer before
verifying that the buffer was large enough to contain the declared length.
This would cause a panic when processing truncated or malformed data.

This patch adds a bounds check to ensure the remaining slice length is
sufficient before performing the sub-slice operation.

Added a regression test to verify that malformed TLV data is handled
gracefully without panicking.

Signed-off-by: Antonio Ojea <aojea@google.com>
@aojea
Copy link
Contributor Author

aojea commented Mar 6, 2026

/assign @nickgarlis @stapelberg

@aojea aojea mentioned this pull request Mar 6, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@nickgarlis nickgarlis nickgarlis approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aojea @nickgarlis