56fc3fc572
Avoids a bleed out attack in which a node can be made to allocate memory slowly or very fast in small strides, by sending bad data to code that invokes NewAnyWithCustomTypeURL, in which we unconditionally returned a new Any object. On a 64-bit machine, this would waste 96 bytes per invocation even on error. Added a test to ensure zero allocations with a fixed error returned. Also added a benchmark which shows reduction in wasted allocations and wasted CPU time: ```shell $ benchstat before.txt after.txt name old time/op new time/op delta NewAnyWithCustomTypeURLWithErrorReturned-8 142ns ± 6% 55ns ±12% -61.65% (p=0.000 n=9+10) name old alloc/op new alloc/op delta NewAnyWithCustomTypeURLWithErrorReturned-8 96.0B ± 0% 0.0B -100.00% (p=0.000 n=10+10) name old allocs/op new allocs/op delta NewAnyWithCustomTypeURLWithErrorReturned-8 1.00 ± 0% 0.00 -100.00% (p=0.000 n=10+10) ``` Fixes #8537 |
||
|---|---|---|
| .. | ||
| legacy | ||
| types | ||
| unknownproto | ||
| amino_codec_test.go | ||
| amino_codec.go | ||
| amino.go | ||
| any_test.go | ||
| codec_common_test.go | ||
| codec.go | ||
| json.go | ||
| proto_codec_test.go | ||
| proto_codec.go | ||
| yaml_test.go | ||
| yaml.go | ||