Denial of service via HAMT Decoding Bug

# Summary
Trying to read malformed HAMT sharded directories can cause  memory leaks.


# Description
If you are reading untrusted user input, an attacker can then trigger a memory leaks. Because there is no size limit for the child nodes of the HAMT bucket here.
there is a similar [vulnerablity](https://github.com/advisories/GHSA-q264-w97q-q778)
The fix can be something like [this](https://github.com/ipfs/go-unixfs/commit/dbcc43ec3e2db0d01e8d80c55040bba3cf22cb4b).
In [js-hamt-sharding,](https://github.com/ipfs/js-hamt-sharding/blob/01086c075d57b1051f15b31d2434b98a926ed37c/src/bucket.ts#L6). there is similarly no corresponding logic for size limits on child nodes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Denial of service via HAMT Decoding Bug #421

Summary

Description

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Denial of service via HAMT Decoding Bug #421

Description

Summary

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions