Re: Security concern about open range integers (was: Question about: 4.1.1 Integer representation) from Martin Thomson on 2013-10-21 (ietf-http-wg@w3.org from October to December 2013)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 21 Oct 2013 16:08:59 -0700
To: Fred Akalin <akalin@google.com>
Cc: Roberto Peon <grmocg@gmail.com>, Frédéric Kayser <f.kayser@free.fr>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnWKzUV-ZvtPyLJHXFGoE7PRUZsdyGY7YOUqH_Sd3KM_KA@mail.gmail.com>

On 21 October 2013 15:55, Fred Akalin <akalin@google.com> wrote:
> although doing it via masks seems too tricky.

That's the great thing with our specifications.  You can do it however you want.

Personally, I wouldn't ever want to go anywhere near 2^32 or even 2^31
for header field name or value lengths.  So my overflow detection
would be far cruder even than that.  I'd accumulate to a 32-bit value
and blow up if the n-th byte (maybe the 4th) had the first bit set.
No risk that way.

Greater risks come to those who want to sail closer to the reef, of course.

Received on Monday, 21 October 2013 23:09:27 UTC