Open
Description
Something caused an access violation in the OscParser.IsBundleTagAtIndex method.
@TCL987 witnessed the issue and mentioned the following to me:
There's a few concerning potential memory issues here. There is a bounds check here but it only checks that the current offset fits.
```csharp
// the inner while loop runs once per bundle element
while (MessageOffset < byteLength && !recurse)
```
Immediately afterwards it reads four more bytes without checking that they're in bounds, and then passes the uint it read into parser.IsBundleTagAtIndex without checking that it's in bounds.
```csharp
var messageSize = (int) parser.MessageValues.ReadUIntIndex(MessageOffset);
var contentIndex = MessageOffset + 4;
if (parser.IsBundleTagAtIndex(contentIndex))
{
    // this bundle element's contents are a bundle, break out to the outer loop to scan it
    MessageOffset = contentIndex;
    recurse = true;
    continue;
}
```
Parser.IsBundleTagAtIndex doesn't do any bounds checks, and the caller isn't doing any either so it goes out of range and crashes.
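One way to add the checks the report says are missing, as an added example that is not the project's code or part of the original report. The class and method names are hypothetical, and a plain `byte[]` with an explicit `byteLength` stands in for the parser's buffer.

```csharp
using System;

// Added example; hypothetical names, not the project's API.
static class BundleBoundsExample
{
    // "#bundle\0": the 8-byte tag that starts every OSC bundle.
    static readonly byte[] BundleTag = { 0x23, 0x62, 0x75, 0x6E, 0x64, 0x6C, 0x65, 0x00 };

    // Bounds-checked tag test: false when fewer than 8 received bytes remain at index.
    static bool IsBundleTagAt(byte[] buffer, int byteLength, int index)
    {
        if (byteLength < 0 || byteLength > buffer.Length) return false;
        if (index < 0 || index > byteLength - BundleTag.Length) return false;
        for (var i = 0; i < BundleTag.Length; i++)
            if (buffer[index + i] != BundleTag[i]) return false;
        return true;
    }

    // Validates one bundle element: the 4-byte size prefix must fit, and the size
    // it declares must fit in the received data that follows the prefix.
    static bool TryReadElement(byte[] buffer, int byteLength, int offset,
        out int contentIndex, out int messageSize)
    {
        contentIndex = 0; messageSize = 0;
        if (byteLength < 0 || byteLength > buffer.Length) return false;
        if (offset < 0 || offset > byteLength - 4) return false;
        // OSC integers are big-endian.
        uint size = ((uint)buffer[offset] << 24) | ((uint)buffer[offset + 1] << 16)
                  | ((uint)buffer[offset + 2] << 8) | buffer[offset + 3];
        int remaining = byteLength - (offset + 4);
        if (size > (uint)remaining) return false; // compare as uint, before any cast to int
        contentIndex = offset + 4;
        messageSize = (int)size;
        return true;
    }

    static string Scan(byte[] data)
    {
        if (!TryReadElement(data, data.Length, 0, out var content, out _))
            return "rejected: element does not fit in the received data";
        return IsBundleTagAt(data, data.Length, content) ? "nested bundle" : "message";
    }

    static void Main()
    {
        // Constructed inputs: an oversized size prefix, a short element, a nested bundle.
        Console.WriteLine(Scan(new byte[] { 0x7F, 0xFF, 0xFF, 0xF0, 0x2F, 0x61 }));
        Console.WriteLine(Scan(new byte[] { 0, 0, 0, 2, 0x23, 0x62 }));
        Console.WriteLine(Scan(new byte[] { 0, 0, 0, 16, 0x23, 0x62, 0x75, 0x6E, 0x64, 0x6C, 0x65, 0, 0, 0, 0, 0, 0, 0, 0, 1 }));
    }
}
```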

