Snider/Mining
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Mining/pkg/ueps
History
Claude 3ef84c6166
Some checks failed
Test / test (push) Waiting to run
Details
Security Scan / security (push) Has been cancelled
Details
ax(ueps): guard tagValue index access against zero-length TLV values 
A malformed frame with length 0 for any single-byte tag (TagVersion,
TagCurrentLayer, TagTargetLayer, TagIntent) or fewer than 2 bytes for
TagThreatScore caused a runtime panic (index out of range) on untrusted
input. Added len(tagValue) bounds checks in ReadAndVerify before each
tagValue[0] and Uint16 access to eliminate the panic path.

Co-Authored-By: Charon <charon@lethean.io>
2026-04-02 14:20:39 +01:00
..
packet.go ax(ueps): expand MarshalAndSign comment to full usage example with error handling 2026-04-02 13:45:50 +01:00
packet_test.go ax(ueps): name magic secret literals in NewPacketBuilder tests 2026-04-02 14:12:18 +01:00
reader.go ax(ueps): guard tagValue index access against zero-length TLV values 2026-04-02 14:20:39 +01:00
reader_test.go ax(ueps): rename reader to frameReader in ReadAndVerify tests 2026-04-02 14:09:28 +01:00