derat
commented
4 years ago (Oh, and I'm happy to provide a PR if any of those proposed fixes sound good.)
Closed derat closed 4 years ago
derat
commented
4 years ago (Oh, and I'm happy to provide a PR if any of those proposed fixes sound good.)
derat
commented
4 years ago Thanks for the quick reply! Yes, that seems like it would work -- memory consumption would be bounded by the size of the input.
Is https://github.com/remko/go-mkvparse/pull/5 along the lines of what you're thinking? (I'm also adding some error-checking that looks like it might've been missing.)
remko
commented
4 years ago That looks great, thanks!
Btw, I think the issue of too large blocks may still need to be addressed at some point in one way or another, in the case the MKV file is being streamed (which would still allow memory to be exhausted).
I noticed (while accidentally parsing the middle of an MKV container) that it's quite easy to cause a panic in
parseElementby supplying data that is interpreted as an element with an excessively-large size. The panic occurs in thedata := make([]byte, size)call in the non-master-element case:For example, I'm able to trigger this by passing
[]byte{0xa3, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, which I believe corresponds to a SimpleBlock element of length 2^64-1. This makes it hard to use this package to parse untrusted data.Would it be reasonable to have a maximum element size? I'm not familiar enough with the MKV spec to know if it would make sense to hardcode a limit in go-mkvparse, or if users should be able to specify one (perhaps via a function on the
Handlerinterface, or if you want to avoid non-backward-compatible changes, by makingParseaccept a new...Optionarg in the pattern described at e.g. https://www.sohamkamani.com/golang/options-pattern/).And thanks for making this package! I had trouble finding any other EBML/MKV parsers that would actually let me access raw block data.