Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle unrecognized fields #392

Open
cthulhu-rider opened this issue Apr 12, 2022 · 0 comments
Open

Handle unrecognized fields #392

cthulhu-rider opened this issue Apr 12, 2022 · 0 comments
Labels
discussion Open discussion of some problem I1 High impact S1 Highly significant U4 Nothing urgent

Comments

@cthulhu-rider
Copy link
Contributor

cthulhu-rider commented Apr 12, 2022
edited
Loading

Unrecognized fields can be detected during unmarshaling of binary protobuf messages. These fields can carry sensitive data, so it seems that software should process them in a special way, such as denial of service or redirection to other parties.

Since almost all messages are signed/verified, unrecognized fields force verification failure even in case of correct signing. In this scenario sender will receive INCORRECT_SIGNATURE response status which is definitely unexpected.

I propose to think about possible reactions of applications on unrecognized fields and provide some functionality to catch/process them.
@cthulhu-rider cthulhu-rider added enhancement Improving existing functionality triage labels Apr 12, 2022
@roman-khimov roman-khimov added discussion Open discussion of some problem U4 Nothing urgent S1 Highly significant I1 High impact and removed triage enhancement Improving existing functionality labels Dec 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion Open discussion of some problem I1 High impact S1 Highly significant U4 Nothing urgent
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@roman-khimov @cthulhu-rider