fix: check len of input (#2671)

Fixes #2628
block · Sep 13, 2024 · c16b0d6 · c16b0d6
1 parent ca2bde0
commit c16b0d6
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/internal/configuration/obfuscator.go b/internal/configuration/obfuscator.go
@@ -34,6 +34,9 @@ func (o Obfuscator) Obfuscate(input []byte) ([]byte, error) {
 	if err != nil {
 		return nil, fmt.Errorf("could not create cypher for obfuscation: %w", err)
 	}
+	if len(input) > 64*1024*1024 {
+		return nil, errors.New("value too large")
+	}
 	ciphertext := make([]byte, aes.BlockSize+len(input))
 	iv := ciphertext[:aes.BlockSize]
 	if _, err := io.ReadFull(rand.Reader, iv); err != nil {