CVE-2022-28946: ast/parser: guard against invalid domains for "some" and "every" (#4548) · open-policy-agent/opa@e9d3828
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret `every` expressions, causing a Denial of Service (DoS) via triggering out-of-range memory access.
ast/parser: guard against invalid domains for “some” and “every” (#4548)
These would cause a runtime exception when attempting to parse `some internal.member_2()`. This is due to a technicality in how `some x in xs` is parsed: `x in xs` will first become `internal.member_2(x, xs)`, and `some internal.member_2(x, xs)` is then further processed. The assumption that there are always two (resp. three for `internal.member_3`) arguments won't hold if a snippet like the one above is fed into the parser.
Thanks to Norbert Szetei of Doyensec, @doyensec, for reporting this.
Signed-off-by: Stephan Renatus [email protected]
Showing with 24 additions and 1 deletion.
- +18 −1 ast/parser.go
- +6 −0 ast/parser_test.go
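As an added illustration (a model written for this page, not OPA's own parser code), the following Go program shows the rewrite the commit message describes: `x in xs` is desugared into an `internal.member_2(x, xs)` call, the unguarded rewrite indexes the call's arguments and panics on a hand-written `some internal.member_2()`, and the guarded version checks the argument count first and returns a parse error instead. The `Call` and `SomeDecl` types and all function names are assumptions of this model.

```go
package main

import "fmt"

// Call is a simplified model of an OPA call term (not OPA's own ast.Call).
type Call struct {
	Name string
	Args []string
}

// SomeDecl is the result of rewriting `some ... in ...`: bound vars plus domain.
type SomeDecl struct {
	Vars   []string
	Domain string
}

// Arity the rewrite assumes: member_2 for `some x in xs`, member_3 for `some k, v in xs`.
var expectedArity = map[string]int{"internal.member_2": 2, "internal.member_3": 3}

// Desugar models the first parser step: `x in xs` -> internal.member_2(x, xs).
func Desugar(vars []string, domain string) Call {
	args := append(append([]string{}, vars...), domain)
	return Call{Name: fmt.Sprintf("internal.member_%d", len(args)), Args: args}
}

// UnguardedSomeDecl models the pre-fix behaviour: it trusts the arity implied
// by the builtin name and indexes Args directly, so a hand-written
// `some internal.member_2()` makes the Go runtime panic (index out of range).
func UnguardedSomeDecl(c Call) SomeDecl {
	n := expectedArity[c.Name]
	return SomeDecl{Vars: c.Args[:n-1], Domain: c.Args[n-1]}
}

// GuardedSomeDecl models the fix: validate the call and its argument count
// first and report a parse error instead of touching out-of-range indices.
func GuardedSomeDecl(c Call) (SomeDecl, error) {
	n, ok := expectedArity[c.Name]
	if !ok || len(c.Args) != n {
		return SomeDecl{}, fmt.Errorf("invalid domain for some/every: %s with %d args", c.Name, len(c.Args))
	}
	return SomeDecl{Vars: c.Args[:n-1], Domain: c.Args[n-1]}, nil
}

// Panics reports whether fn panics, so the runtime exception can be observed
// without crashing the program.
func Panics(fn func()) (didPanic bool) {
	defer func() { didPanic = recover() != nil }()
	fn()
	return false
}
```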