cb5c25ab4f
Today we read a vint from the stream to allocate the size of an array up-front before we start reading the values. This can be dangerous if for instance we read from a corrupted stream or if some manipulated bytes are send for instance from an attacker or a fuzzer. In most of the cases we can apply some best effort and validate the array size to be _sane_ by ensuring we can at read at least N bytes where N is the expected size of the array. |
||
|---|---|---|
| .. | ||
| licenses | ||
| src | ||
| build.gradle | ||