Skip to content

πŸ›‘οΈ Sentinel: Fix Remote DoS via malformed packets#30

Open
ChristopheHD wants to merge 2 commits intomasterfrom
sentinel-fix-remote-dos-1009602674474980442
Open

πŸ›‘οΈ Sentinel: Fix Remote DoS via malformed packets#30
ChristopheHD wants to merge 2 commits intomasterfrom
sentinel-fix-remote-dos-1009602674474980442

Conversation

@ChristopheHD
Copy link
Owner

@ChristopheHD ChristopheHD commented Feb 5, 2026

This PR addresses a Remote DoS vulnerability where malformed packets passing CRC checks could crash communicator threads due to missing bounds checks during specialized packet parsing. It also includes performance optimizations to the main parsing loop.

PR created automatically by Jules for task 1009602674474980442 started by @ChristopheHD

@google-labs-jules @ChristopheHD
πŸ›‘οΈ Sentinel: [CRITICAL/HIGH] Fix Remote DoS via malformed packets
be2149d 
🚨 Severity: CRITICAL/HIGH
πŸ’‘ Vulnerability: A Remote Denial of Service (DoS) vulnerability existed in the packet parsing logic. Malformed packets with valid CRC but insufficient internal data triggered IndexError in communicator threads, causing them to terminate.
🎯 Impact: An attacker could remotely crash EnOcean communicator services (Serial or TCP) by sending specifically crafted malformed packets.
πŸ”§ Fix:
- Added explicit bounds checking in Packet subclasses (RadioPacket, UTETeachInPacket, etc.).
- Wrapped packet instantiation in Packet.parse_msg with a try...except block to gracefully handle unexpected parsing failures.
- Optimized sync byte searching in Packet.parse_msg for better performance and resource exhaustion prevention.
βœ… Verification:
- Added `test_malformed_packet_robustness` to `enocean/protocol/tests/test_packet.py`.
- Verified with reproduction script that malformed packets no longer crash the TCPCommunicator.
- All existing tests pass.

Co-authored-by: ChristopheHD <16214389+ChristopheHD@users.noreply.github.com>
@google-labs-jules
Copy link

google-labs-jules bot commented Feb 5, 2026

πŸ‘‹ Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a πŸ‘€ emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.

@coveralls
Copy link

coveralls commented Feb 5, 2026
edited
Loading

Pull Request Test Coverage Report for Build 21714552800

Details

  • 7 of 51 (13.73%) changed or added relevant lines in 2 files are covered.
  • 4 unchanged lines in 1 file lost coverage.
  • Overall coverage decreased (-0.2%) to 39.674%
Changes Missing Coverage Covered Lines Changed/Added Lines %
enocean/protocol/packet.py 0 44 0.0%
Files with Coverage Reduction New Missed Lines %
enocean/protocol/packet.py 4 0.0%
Totals Coverage Status
Change from base Build 21713516422: -0.2%
Covered Lines: 511
Relevant Lines: 1288
πŸ’› - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChristopheHD @coveralls