Motivation:
The Snappy frame decoder function doesn't restrict the size of the compressed data (and the uncompressed data), which may lead to excessive memory usage. Besides this, it also may buffer reserved skippable chunks until the whole chunk was received, which may lead to excessive memory usage as well.
Modifications:
- Add various validations for the max allowed size of a chunk
- Skip bytes on the fly when a skippable chunk is handled
Result:
No more risk of OOME. Thanks to Ori Hollander of JFrog Security for reporting the issue.
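The two mitigations named in the commit message, shown as an added Python illustration (not Netty's Java code): the scanner rejects a chunk length above a per-type cap before buffering anything, and discards skippable-chunk bytes as they arrive instead of collecting the whole chunk. The caps are assumptions for this example: 65536 is the framing format's per-chunk uncompressed limit, and the compressed cap is derived from snappy's MaxCompressedLength formula rather than taken from Netty's constants.

```python
# Chunk types from the Snappy framing format (1-byte type, 3-byte LE length).
STREAM_ID, COMPRESSED, UNCOMPRESSED, PADDING = 0xFF, 0x00, 0x01, 0xFE

# Assumed caps: spec max uncompressed chunk is 65536 bytes, plus 4-byte CRC.
MAX_UNCOMPRESSED_LEN = 65536 + 4
# snappy's MaxCompressedLength(n) = 32 + n + n/6, plus the 4-byte CRC.
MAX_COMPRESSED_LEN = 32 + 65536 + 65536 // 6 + 4
LIMITS = {STREAM_ID: 6, COMPRESSED: MAX_COMPRESSED_LEN,
          UNCOMPRESSED: MAX_UNCOMPRESSED_LEN}


class SnappyFrameScanner:
    """Incremental chunk scanner whose buffer never grows past one capped chunk."""

    def __init__(self):
        self.buf = bytearray()   # at most a header plus one size-validated payload
        self.skip = 0            # bytes of a skippable chunk still to discard
        self.events = []         # ("skip", length) or ("chunk", type, payload)
        self.max_buffered = 0    # peak buffer size, to demonstrate boundedness

    def feed(self, data: bytes) -> list:
        self.buf += data
        self.max_buffered = max(self.max_buffered, len(self.buf))
        while True:
            if self.skip:                       # discard on the fly, never buffer
                n = min(self.skip, len(self.buf))
                del self.buf[:n]
                self.skip -= n
                if self.skip:
                    break                       # remainder arrives in later feeds
                continue
            if len(self.buf) < 4:
                break                           # wait for a full chunk header
            ctype = self.buf[0]
            length = int.from_bytes(self.buf[1:4], "little")
            if 0x02 <= ctype <= 0x7F:
                raise ValueError(f"unskippable reserved chunk type 0x{ctype:02x}")
            if ctype == PADDING or 0x80 <= ctype <= 0xFD:
                del self.buf[:4]
                self.skip = length              # only a counter is kept, not data
                self.events.append(("skip", length))
                continue
            limit = LIMITS[ctype]
            if length > limit:                  # validate before buffering payload
                raise ValueError(f"chunk 0x{ctype:02x} length {length} > {limit}")
            if len(self.buf) < 4 + length:
                break                           # bounded wait: length <= limit
            payload = bytes(self.buf[4:4 + length])
            del self.buf[:4 + length]
            if ctype == STREAM_ID and payload != b"sNaPpY":
                raise ValueError("bad stream identifier")
            self.events.append(("chunk", ctype, payload))
        return self.events
```

Feeding a 100000-byte skippable chunk in 1000-byte pieces leaves the peak buffer at 1000 bytes, while a header declaring a 0xFFFFFF-byte uncompressed chunk is rejected before any payload is read.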