projects / platform / upstream / flatbuffers.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ffb3dec) | patch
Improved the verifier to be even more resilient.
authorWouter van Oortmerssen <wvo@google.com>
Fri, 22 Aug 2014 00:00:54 +0000 (17:00 -0700)
committerWouter van Oortmerssen <wvo@google.com>
Fri, 22 Aug 2014 21:14:32 +0000 (14:14 -0700)
commit11b743688c0fedd4cb561ea0bf4a1d9d81d5663c
tree989772e5dec0c90b6cbb7943b26297cff2329f2etree | snapshot
parentffb3dec573280414d9a3bf7b0d6c6289668a63dfcommit | diff
Improved the verifier to be even more resilient.

Theoretically, an attacker could construct a FlatBuffer with the
sole purpose of making verification really expensive, essentially
DOS-ing a server that uses verification on FlatBuffers. This adds
a max table depth and max table amount at which point the
verifier declares the buffer malformed.

Bug: 16301336
Change-Id: I6b098c31d030d24c19e852b33609110658e66aa9
Tested: on OS X
docs/source/CppUsage.md diff | blob | history
include/flatbuffers/flatbuffers.h diff | blob | history
src/idl_gen_cpp.cpp diff | blob | history
tests/monster_test_generated.h diff | blob | history
Domain: Machine Learning / ML Framework;