https://sourceware.org/bugzilla/show_bug.cgi?id=26773

Josh Stone <jistone at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jistone at redhat dot com

--- Comment #2 from Josh Stone <jistone at redhat dot com> ---
(In reply to Tom Tromey from comment #1)
> This limits the number of bytes read-- but it seems like
> it maybe ought to read until the first byte without the
> high bit set.

Beware, golang just dealt with a CVE for reading unlimited varints:
https://github.com/golang/go/issues/40618

(But the context is different since that's used in stuff like protocol buffers
that may be streamed.)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to