Skip to content

Fix stability, resource, and correctness bugs#1780

Open
Thorium wants to merge 1 commit into
fsprojects:mainfrom
Thorium:audit-critical-fixes
Open

Fix stability, resource, and correctness bugs#1780
Thorium wants to merge 1 commit into
fsprojects:mainfrom
Thorium:audit-critical-fixes

Conversation

@Thorium

@Thorium Thorium commented Jul 6, 2026

Copy link
Copy Markdown
Member
  • HTML: decode hex charrefs (A) correctly; clamp table colspan/rowspan to spec limits (was OverflowException/OOM/hang on malicious spans); stack-safe HtmlNode.ToString (was uncatchable StackOverflow at ~5k nesting depth)
  • HTTP: CombinedStream no longer treats partial reads as EOF (silent multipart truncation) and drops the 2GB int overflow; Range supports bytes=N-/-N; body streams disposed even when an upload faults
  • CSV: skipRows survives re-enumeration of Rows; Save quotes headers, lone CR, and all document separators (round-trip corruption); Save(TextWriter) no longer disposes the caller-owned writer; reentrant enumeration synchronized
  • JSON: NaN/inf/1e300 floats route through JsonValue.Float instead of throwing OverflowException; stray '/' no longer swallowed as whitespace
  • Caching/IO: no Int32 overflow for >24.8-day expirations (could crash host); atomic temp-file-then-rename cache writes; conditional expiry removal; file-watcher subscriptions locked (IDE crash risk)
  • WorldBank: HTTP-200 error bodies validated before caching (30-day cache poisoning); empty topics no longer throw KeyNotFoundException; URL segments escaped with EscapeDataString (path injection)
  • XML: CreateRecord no longer corrupts structure for same-named nested paths
  • DesignTime: Interlocked instance ids, locked dispose-action set, web cache key includes Encoding/row-limit parameters

- HTML: decode hex charrefs (A) correctly; clamp table colspan/rowspan to
  spec limits (was OverflowException/OOM/hang on malicious spans); stack-safe
  HtmlNode.ToString (was uncatchable StackOverflow at ~5k nesting depth)
- HTTP: CombinedStream no longer treats partial reads as EOF (silent multipart
  truncation) and drops the 2GB int overflow; Range supports bytes=N-/-N;
  body streams disposed even when an upload faults
- CSV: skipRows survives re-enumeration of Rows; Save quotes headers, lone CR,
  and all document separators (round-trip corruption); Save(TextWriter) no
  longer disposes the caller-owned writer; reentrant enumeration synchronized
- JSON: NaN/inf/1e300 floats route through JsonValue.Float instead of throwing
  OverflowException; stray '/' no longer swallowed as whitespace
- Caching/IO: no Int32 overflow for >24.8-day expirations (could crash host);
  atomic temp-file-then-rename cache writes; conditional expiry removal;
  file-watcher subscriptions locked (IDE crash risk)
- WorldBank: HTTP-200 error bodies validated before caching (30-day cache
  poisoning); empty topics no longer throw KeyNotFoundException; URL segments
  escaped with EscapeDataString (path injection)
- XML: CreateRecord no longer corrupts structure for same-named nested paths
- DesignTime: Interlocked instance ids, locked dispose-action set, web cache
  key includes Encoding/row-limit parameters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant