Bug Report: ParseError Exception in TLVParser Crashes Stream Pipeline
Problem Description
When handling stream inputs, the 'ProtocolParser' performs a fallback over a sequence of parsers, falling back from the modern binary parser to the 'TLVParser'. But if the data stream contains an incomplete or truncated Type-Length-Value (TLV) payload then the 'TLVParser' lets a hard 'ParseError' exception escape from its execution block.
Rather than recording a clean, non-fatal diagnostic warning inside the 'ExecutionContext' and then skipping to subsequent frames, this unhandled exception completely bubbles out of the core processing loop, leading to an abrupt termination of the command-line utility and a crash of the ingestion pipeline.
Root Cause Analysis (RCA)
The vulnerability is in the main parsing loop of 'sigflow/parsers/tlv.py'.
//python code
tag, length = TLV.unpack_from(data, offset)
offset += TLV.size
if length > self.max_payload: context.warn("tlv-large", f"tag {tag} larger than max payload", offset)
break
value = self.require(offset, length, data)
Bug Report: ParseError Exception in TLVParser Crashes Stream Pipeline
Problem Description
When handling stream inputs, the 'ProtocolParser' performs a fallback over a sequence of parsers, falling back from the modern binary parser to the 'TLVParser'. But if the data stream contains an incomplete or truncated Type-Length-Value (TLV) payload then the 'TLVParser' lets a hard 'ParseError' exception escape from its execution block.
Rather than recording a clean, non-fatal diagnostic warning inside the 'ExecutionContext' and then skipping to subsequent frames, this unhandled exception completely bubbles out of the core processing loop, leading to an abrupt termination of the command-line utility and a crash of the ingestion pipeline.
Root Cause Analysis (RCA)
The vulnerability is in the main parsing loop of 'sigflow/parsers/tlv.py'.
//python code
tag, length = TLV.unpack_from(data, offset)
offset += TLV.size
if length > self.max_payload: context.warn("tlv-large", f"tag {tag} larger than max payload", offset)
break
value = self.require(offset, length, data)