"In infinistore.cpp, within the on_read function, I’ve reviewed the context but haven't found any validation for body_size. Is there a risk of memory exhaustion from specially crafted malicious packets? I haven't had enough time to audit the entire codebase."
```cpp
    // prepare for reading body
    client->expected_bytes_ = client->header_.body_size;
    client->bytes_read_ = 0;
    client->tcp_recv_buffer_ =
        (char *)realloc(client->tcp_recv_buffer_, client->expected_bytes_);
    client->state_ = READ_BODY;
}
```
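One way to bound the allocation in the snippet above, as an added example that is not InfiniStore's own code: the declared size is checked against a limit before `realloc` is called, and the `realloc` result is checked before the old pointer is overwritten. The `Header` and `Client` layouts, `kMaxBodySize`, `PrepareResult` and `prepare_body` are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdlib>

// Simplified stand-ins for the project's types (assumed layout, not copied
// from infinistore.cpp).
struct Header {
    uint32_t body_size;  // comes straight off the wire, so attacker-controlled
};

enum State { READ_HEADER, READ_BODY };

struct Client {
    Header header_{};
    size_t expected_bytes_ = 0;
    size_t bytes_read_ = 0;
    char *tcp_recv_buffer_ = nullptr;
    State state_ = READ_HEADER;
};

// Hypothetical policy limit: the largest body a legitimate request can carry.
constexpr size_t kMaxBodySize = 4u * 1024 * 1024;

enum PrepareResult { PREPARE_OK, PREPARE_BAD_SIZE, PREPARE_NO_MEMORY };

// Validate the declared size before allocating. On any failure the caller
// should close the connection instead of moving to READ_BODY.
PrepareResult prepare_body(Client *client) {
    size_t declared = client->header_.body_size;
    // Assumption: an empty body is not a valid request. Rejecting zero also
    // avoids realloc(ptr, 0), whose behaviour is implementation-defined.
    if (declared == 0 || declared > kMaxBodySize) {
        return PREPARE_BAD_SIZE;  // rejected before any allocation happens
    }
    // Keep the old pointer until realloc succeeds, so a failure neither
    // leaks the buffer nor hands a null pointer to the read path.
    char *grown = static_cast<char *>(realloc(client->tcp_recv_buffer_, declared));
    if (grown == nullptr) {
        return PREPARE_NO_MEMORY;
    }
    client->tcp_recv_buffer_ = grown;
    client->expected_bytes_ = declared;
    client->bytes_read_ = 0;
    client->state_ = READ_BODY;
    return PREPARE_OK;
}
```

The limit bounds memory per connection only; worst-case use is still the limit multiplied by the number of concurrent connections, so a connection cap is needed alongside it.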