
fix: bound control-stream decompressor output against input size#21

Merged: minagishl merged 4 commits into main from bugfix/issue-2-control-stream-decompression-bombs on Jun 29, 2026

Conversation

@minagishl

@minagishl minagishl commented Jun 29, 2026

Member

Summary

  • Add DEFAULT_MAX_DECODE_OUTPUT_RATIO (1024) and check_decode_output_bytes so decompressors reject cumulative output larger than input_len * ratio (capped by DEFAULT_MAX_DECODE_COUNT)
  • Apply output-budget checks to control-stream RLE, Huffman, and FSE decoders, plus vector RLE (decode_u64_rle / decode_i64_rle)
  • Add regression tests for crafted decompression-bomb payloads across all three codecs

Related Issue

Closes #2

Type of Change

  • Bug fix
  • New feature
  • Refactor
  • Documentation
  • Chore / dependency update

Testing

  • cargo test — all 75 tests pass
  • cargo fmt --all
  • cargo clippy --all-targets --all-features
  • Added tests: control_stream_rle_rejects_decompression_bomb, control_stream_huffman_rejects_decompression_bomb, control_stream_fse_rejects_decompression_bomb, wire_extend_repeat_rejects_output_ratio_bomb

Checklist

  • Tests added or updated (optional)
  • Documentation updated (if applicable)
  • No breaking changes (or breaking changes are documented above)

Note

Medium Risk
Security-focused decode hardening across multiple decompressors; behavior change rejects previously accepted malicious inputs but should not affect valid payloads within the ratio cap.

Overview
Adds output-ratio limits on decode paths so tiny compressed payloads cannot expand into huge in-memory buffers (decompression bombs).

Wire layer: Introduces DEFAULT_MAX_DECODE_OUTPUT_RATIO (1024), max_decode_output_bytes, check_decode_output_bytes, and extend_repeat_with_budget, which rejects cumulative output above input_len × ratio (capped by DEFAULT_MAX_DECODE_COUNT). extend_repeat now delegates to the budgeted helper.

Decoders: Vector RLE (decode_u64_rle / decode_i64_rle) parses runs first, then expands using only bytes consumed for the RLE header as the budget—not the full column buffer. Control-stream RLE, Huffman, and FSE apply the same checks; Huffman/FSE also pre-check declared output length and cap Vec capacity.

API: Re-exports DEFAULT_MAX_DECODE_OUTPUT_RATIO from the crate root.

Tests: Regression coverage for ratio bombs on wire helpers, vector RLE (including trailing junk bytes), and control-stream RLE/Huffman/FSE via TwilicCodec.

Reviewed by Cursor Bugbot for commit 0a5c455.
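The budget rule the description lays out (cumulative output may not exceed input_len × ratio, capped by a hard count, and vector RLE budgets only against the bytes its header actually consumed, not the whole buffer), as an added Rust example that is not the project's code: the function names follow the PR, but their signatures, the hard-cap value and the toy RLE wire format are assumptions.

```rust
// Added example (not the project's code) of the output-budget rule the PR describes.
// The ratio 1024 is stated in the PR; the hard cap value and the toy RLE format are assumed.
const DEFAULT_MAX_DECODE_OUTPUT_RATIO: usize = 1024;
const DEFAULT_MAX_DECODE_COUNT: usize = 1 << 20;

#[derive(Debug, PartialEq)]
pub enum DecodeError {
    OutputBudgetExceeded { budget: usize, requested: usize },
    Truncated,
}

/// Budget for `input_len` consumed bytes: input_len * ratio, capped by the hard count.
pub fn max_decode_output_bytes(input_len: usize) -> usize {
    input_len.saturating_mul(DEFAULT_MAX_DECODE_OUTPUT_RATIO).min(DEFAULT_MAX_DECODE_COUNT)
}

/// Reject once cumulative output (already produced + about to be added) exceeds the budget.
pub fn check_decode_output_bytes(input_len: usize, produced: usize, additional: usize) -> Result<(), DecodeError> {
    let budget = max_decode_output_bytes(input_len);
    let requested = produced.saturating_add(additional);
    if requested > budget {
        return Err(DecodeError::OutputBudgetExceeded { budget, requested });
    }
    Ok(())
}

/// Append `count` copies of `byte`, checking the budget before allocating.
pub fn extend_repeat_with_budget(out: &mut Vec<u8>, byte: u8, count: usize, input_len: usize) -> Result<(), DecodeError> {
    check_decode_output_bytes(input_len, out.len(), count)?;
    out.resize(out.len() + count, byte);
    Ok(())
}

/// Toy RLE (constructed format): `num_runs: u8`, then num_runs x (count: u16 LE, value: u8).
/// Runs are parsed first; the budget is the header length actually consumed, not
/// `buf.len()`, so trailing junk bytes cannot inflate the allowed output.
pub fn decode_rle(buf: &[u8]) -> Result<Vec<u8>, DecodeError> {
    let num_runs = *buf.first().ok_or(DecodeError::Truncated)? as usize;
    let header_len = 1 + num_runs * 3;
    let header = buf.get(..header_len).ok_or(DecodeError::Truncated)?;
    let runs: Vec<(usize, u8)> = header[1..]
        .chunks_exact(3)
        .map(|c| (u16::from_le_bytes([c[0], c[1]]) as usize, c[2]))
        .collect();
    let mut out = Vec::new();
    for (count, value) in runs {
        extend_repeat_with_budget(&mut out, value, count, header_len)?;
    }
    Ok(out)
}
```

A 4-byte header may expand to at most 4096 bytes here, so a single run declaring 65535 repeats is rejected before any allocation, with or without junk appended after the header.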

@github-actions


Invisible characters check

No suspicious invisible characters detected in the PR diff.

Comment thread src/codec.rs

@cursor cursor Bot left a comment


Stale comment

Risk: medium. Not approving: Cursor Bugbot completed with a skipped/neutral check and reported 1 unresolved finding (vector RLE output-ratio budget uses trailing bytes). Human review is needed before merge; no additional reviewers were assigned because the PR author is the sole repository collaborator.


Sent by Cursor Approval Agent: Pull Request Router and Approver

@cursor cursor Bot left a comment


Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.


Reviewed by Cursor Bugbot for commit 30fb134.

Comment thread src/protocol.rs

@cursor cursor Bot left a comment


Stale comment

Risk: medium. Not approving: Cursor Bugbot check skipped and reported 1 unresolved finding (control-stream RLE output-ratio budget uses full input slice length). Human review is needed before merge; no additional reviewers were assigned because the PR author is the sole repository collaborator.


Sent by Cursor Approval Agent: Pull Request Router and Approver

cursoragent and others added 2 commits June 29, 2026 09:59
Co-authored-by: minagishl <minagishl@users.noreply.github.com>
Co-authored-by: minagishl <minagishl@users.noreply.github.com>

@cursor cursor Bot left a comment


Risk: medium. Not approving: Cursor Bugbot check passed on the latest commit but no corresponding Bugbot review comment was found for HEAD. Human review is needed before merge; no additional reviewers were assigned because the PR author is the sole repository collaborator.


Sent by Cursor Approval Agent: Pull Request Router and Approver

@minagishl minagishl merged commit 1e177ae into main Jun 29, 2026
9 checks passed
@minagishl minagishl deleted the bugfix/issue-2-control-stream-decompression-bombs branch June 29, 2026 10:17

Development

Successfully merging this pull request may close these issues.

bug: control-stream (RLE / Huffman / FSE) decompression bombs
