Prevent decompression bomb
ID: go-security/decompression-bomb
Language: Go
Severity: Warning
Category: Security
CWE: 409
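Description: Reading from a compressed stream without any limit on the number of decompressed bytes may read far more data than the size of the compressed input suggests, exhausting memory, disk or CPU and leading to a denial of service (DoS). Prefer reading a bounded number of bytes at a time, as the compliant example below does with `io.CopyN`, rather than copying until end of stream.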
Non-Compliant Code Examples
package main
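import (
	"bytes"
	"compress/zlib"
	"io"
	"os"
)

// main is the NON-COMPLIANT example for go-security/decompression-bomb: it
// decompresses a zlib stream and copies the output until end of stream, with
// no bound on how many decompressed bytes are produced (CWE-409).
func main() {
	// Placeholder bytes standing in for untrusted compressed input.
	buff := []byte{42, 51}
	b := bytes.NewReader(buff)

	r, err := zlib.NewReader(b)
	if err != nil {
		panic(err)
	}
	// Deferred so the reader is released on the panic path as well.
	defer r.Close()

	// Non-compliant: io.CopyBuffer, like io.Copy, keeps reading until EOF.
	// The buffer argument (nil lets CopyBuffer allocate one) only sizes each
	// individual read; it places no cap on the total decompressed output.
	_, err = io.CopyBuffer(os.Stdout, r, nil)
	if err != nil {
		panic(err)
	}
}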
package main
import (
"bytes"
"compress/zlib"
"io"
"os"
)
// main is a NON-COMPLIANT example for go-security/decompression-bomb: the
// decompressed zlib output is streamed to stdout with io.Copy, which places no
// limit on the number of bytes produced (CWE-409).
func main() {
	// Placeholder bytes standing in for untrusted compressed input.
	src := bytes.NewReader([]byte{42, 51})

	zr, err := zlib.NewReader(src)
	if err != nil {
		panic(err)
	}

	// Non-compliant: io.Copy reads until EOF, so the size of the output is
	// decided entirely by the compressed input.
	if _, copyErr := io.Copy(os.Stdout, zr); copyErr != nil {
		panic(copyErr)
	}

	zr.Close()
}
Compliant Code Examples
package main
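import (
	"bytes"
	"compress/zlib"
	"errors"
	"io"
	"os"
)

// main is the COMPLIANT example for go-security/decompression-bomb: it
// decompresses a zlib stream but copies at most a fixed number of decompressed
// bytes, so the compressed input cannot dictate how much output is produced.
func main() {
	// Upper bound on decompressed output. Size it to the largest payload the
	// application legitimately expects.
	const maxDecompressedBytes = 64

	// Placeholder bytes standing in for untrusted compressed input.
	buff := []byte{42, 51}
	b := bytes.NewReader(buff)

	r, err := zlib.NewReader(b)
	if err != nil {
		panic(err)
	}
	// Deferred so the reader is released on the panic path as well.
	defer r.Close()

	// io.CopyN stops after maxDecompressedBytes. It reports io.EOF when the
	// stream ends before the limit, which is the normal case for small inputs
	// and is not treated as a failure here.
	//
	// Caveat: CopyN returns a nil error once the limit is reached even if the
	// stream holds more data, so a full-length copy may be a truncated payload.
	// Code that needs the complete content should treat reaching the limit as
	// a rejection rather than accept the partial output.
	_, err = io.CopyN(os.Stdout, r, maxDecompressedBytes)
	if err != nil && !errors.Is(err, io.EOF) {
		panic(err)
	}
}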