unknownproto

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 30, 2020 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

unknownproto implements functionality to "type check" protobuf serialized byte sequences against an expected proto.Message to report:

a) Unknown fields in the stream -- this is indicative of mismatched services, perhaps a malicious actor

b) Mismatched wire types for a field -- this is indicative of mismatched services

Its API signature is similar to proto.Unmarshal([]byte, proto.Message) in the strict case

if err := RejectUnknownFieldsStrict(protoBlob, protoMessage, false); err != nil {
        // Handle the error.
}

and ideally should be added before invoking proto.Unmarshal, if you'd like to enforce the features mentioned above.

By default, for security we report every single field that's unknown, whether a non-critical field or not. To customize this behavior, please set the boolean parameter allowUnknownNonCriticals to true to RejectUnknownFields:

if err := RejectUnknownFields(protoBlob, protoMessage, true); err != nil {
        // Handle the error.
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RejectUnknownFields

func RejectUnknownFields(bz []byte, msg proto.Message, allowUnknownNonCriticals bool) (hasUnknownNonCriticals bool, err error)

RejectUnknownFields rejects any bytes bz with an error that has unknown fields for the provided proto.Message type with an option to allow non-critical fields (specified as those fields with bit 11) to pass through. In either case, the hasUnknownNonCriticals will be set to true if non-critical fields were encountered during traversal. This flag can be used to treat a message with non-critical field different in different security contexts (such as transaction signing). This function traverses inside of messages nested via google.protobuf.Any. It does not do any deserialization of the proto.Message.

func RejectUnknownFieldsStrict

func RejectUnknownFieldsStrict(bz []byte, msg proto.Message) error

RejectUnknownFieldsStrict rejects any bytes bz with an error that has unknown fields for the provided proto.Message type. This function traverses inside of messages nested via google.protobuf.Any. It does not do any deserialization of the proto.Message.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL