[Mono-bugs] [Bug 434581] New: BinaryReader.ReadString() vulnerability concerning 7 bit encoded length
bugzilla_noreply at novell.com
Sun Oct 12 04:41:34 EDT 2008
https://bugzilla.novell.com/show_bug.cgi?id=434581
Summary: BinaryReader.ReadString() vulnerability concerning 7 bit encoded length
Product: Mono: Class Libraries
Version: unspecified
Platform: x86
OS/Version: Windows XP
Status: NEW
Severity: Minor
Priority: P5 - None
Component: System
AssignedTo: mono-bugs at lists.ximian.com
ReportedBy: awunwpa7 at yahoo.com.ph
QAContact: mono-bugs at lists.ximian.com
Found By: Beta-Customer
BinaryReader.ReadString() is not implemented as in the MS framework.
Execute the code below in dotNET, and you will get a FormatException that
addresses the exact error in the input data.
MONO (2.0 final) instead reads all bytes (a thousand!) and then tells you that
it can't read any more. It would be good to limit reading to five bytes, since
it is impossible that there are more.
Repro code:
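using System.IO;

// 1000 bytes of 0xFF: every byte of the length prefix has its continuation bit set
int count = 1000;
byte[] x = new byte[count];
for (int i = 0; i < count; i++) x[i] = 0xFF;
BinaryReader Rdr = new BinaryReader(new MemoryStream(x));
string t = Rdr.ReadString(); // the call that triggers the behaviour described above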
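A decoder for the 7-bit encoded length prefix that stops after five bytes, which is the limit the report asks for. This is an added example, not code from Mono or the MS framework; the class and method names are hypothetical, the inputs are constructed, and rejecting a fifth byte above 0x07 is a choice made here so that the decoded length is never negative.

```csharp
using System;
using System.IO;

static class BoundedLengthPrefix
{
    // Hypothetical helper: decodes a 7-bit encoded, non-negative Int32 length.
    // Each byte carries 7 payload bits; the high bit means "another byte follows".
    // 31 payload bits fit in five bytes, so a sixth byte is never read.
    public static int Read7BitEncodedLength(Stream s)
    {
        int result = 0;
        for (int shift = 0; shift < 35; shift += 7)
        {
            int b = s.ReadByte();
            if (b < 0)
                throw new EndOfStreamException("stream ended inside the length prefix");
            // The fifth byte may only hold bits 28..30 and must end the sequence.
            if (shift == 28 && b > 0x07)
                throw new FormatException("bad 7-bit encoded length");
            result |= (b & 0x7F) << shift;
            if ((b & 0x80) == 0)
                return result;
        }
        // Not reachable: the fifth iteration always returns or throws.
        throw new FormatException("bad 7-bit encoded length");
    }

    static void Main()
    {
        // Constructed input 1: the report's buffer of 1000 bytes of 0xFF.
        byte[] bad = new byte[1000];
        for (int i = 0; i < bad.Length; i++) bad[i] = 0xFF;
        var ms = new MemoryStream(bad);
        try
        {
            Read7BitEncodedLength(ms);
        }
        catch (FormatException e)
        {
            // Position shows how many bytes were consumed before rejecting the input.
            Console.WriteLine("{0} after {1} byte(s)", e.Message, ms.Position);
        }

        // Constructed input 2: a valid two-byte prefix encoding the length 300.
        var ok = new MemoryStream(new byte[] { 0xAC, 0x02 });
        Console.WriteLine(Read7BitEncodedLength(ok));
    }
}
```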