go-ipld-prime's DAG-CBOR and DAG-JSON decoders have unbounded recursion depth
Description
The DAG-CBOR and DAG-JSON decoders recurse once for each nested map or list without enforcing a depth limit. A payload containing deeply nested collections therefore makes the decoder recurse once per level, growing the goroutine stack until the Go runtime terminates the process with a fatal stack overflow. This is a fatal runtime error, not a recoverable panic, so a deferred recover() in the caller does not help.
For DAG-CBOR, a payload of approximately 2 MB consisting of repeated 0x81 bytes (each a one-element array header) followed by a single terminal item (for example 0x80, an empty array) produces around 2 million recursion frames and reliably exhausts Go's maximum goroutine stack (1 GB by default on 64-bit platforms). The existing allocation budget does not prevent this: each nested collection header costs only a handful of budget units, so the stack is exhausted long before the budget is. DAG-JSON has equivalent exposure via [[[...]]]-style payloads; it has no budget system at all and is therefore unprotected against recursion depth as well.
Schema-free decoding (using basicnode.Prototype.Any) allows arbitrary nesting depth. Schema-bound decoding bounds nesting only when the schema itself is non-recursive and contains no fields typed as Any; schemas with recursive type references or any Any-typed fields permit unconstrained nesting at those points.
The fix adds a configurable MaxDepth option to both decoders, defaulting to 1024 nested levels. The decoder returns ErrDecodeDepthExceeded when a payload nests beyond the limit. Well-formed IPLD data rarely approaches this depth in practice; the default is generous for legitimate use while preventing stack exhaustion.
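To make the mechanism and the fix concrete, here is an added example written for this page; it is not code from go-ipld-prime. It is a minimal decoder for a CBOR subset (fixed-size arrays and small unsigned integers) that recurses once per nested array, exactly as the description above explains, with a depth cap that can be switched off to reproduce the pre-0.23.0 behaviour. The Decoder type, its Unlimited flag, NewDecoder and the ErrDepthExceeded name are assumptions for illustration; go-ipld-prime's real option and error are MaxDepth and ErrDecodeDepthExceeded as stated above. NestedArrays builds the 0x81-chain payload the advisory describes, and those constructed payloads are the only input.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// ErrDepthExceeded is returned when nesting goes past MaxDepth. The name is
// illustrative; go-ipld-prime's own error is ErrDecodeDepthExceeded.
var ErrDepthExceeded = errors.New("cbor: nesting depth exceeds MaxDepth")

// DefaultMaxDepth mirrors the 1024-level default the advisory describes.
const DefaultMaxDepth = 1024

// Node is a minimal stand-in for a decoded IPLD node: an array or an int.
type Node struct {
	List  []Node // elements of a CBOR array (major type 4)
	Int   uint64 // value of a small unsigned int (major type 0, 0..23)
	IsInt bool
}

// Decoder is a hypothetical configuration type. Unlimited disables the cap,
// which is the vulnerable pre-0.23.0 behaviour.
type Decoder struct {
	MaxDepth  int
	Unlimited bool
}

// NewDecoder returns a decoder with the default cap applied.
func NewDecoder() Decoder { return Decoder{MaxDepth: DefaultMaxDepth} }

// Decode parses exactly one CBOR item. Only fixed-length arrays of 0..23
// elements (0x80..0x97) and unsigned ints 0..23 (0x00..0x17) are accepted.
func (d Decoder) Decode(data []byte) (Node, error) {
	r := bytes.NewReader(data)
	n, err := d.decodeItem(r, 0)
	if err != nil {
		return Node{}, err
	}
	if r.Len() != 0 {
		return Node{}, fmt.Errorf("cbor: %d trailing bytes after top-level item", r.Len())
	}
	return n, nil
}

// decodeItem recurses once per nested array; depth counts the arrays that are
// currently open. The check at the top is the entire mitigation: it fails at
// frame MaxDepth+1 instead of letting the goroutine stack grow per level.
func (d Decoder) decodeItem(r *bytes.Reader, depth int) (Node, error) {
	if !d.Unlimited && depth > d.MaxDepth {
		return Node{}, ErrDepthExceeded
	}
	b, err := r.ReadByte()
	if err != nil {
		return Node{}, errors.New("cbor: unexpected end of input")
	}
	major, info := b>>5, b&0x1f
	if info > 23 {
		return Node{}, fmt.Errorf("cbor: header byte 0x%02x not supported by this subset", b)
	}
	switch major {
	case 0: // unsigned int, value carried in the additional-info bits
		return Node{Int: uint64(info), IsInt: true}, nil
	case 4: // array of `info` items, each decoded one level deeper
		elems := make([]Node, 0, int(info))
		for i := 0; i < int(info); i++ {
			e, err := d.decodeItem(r, depth+1)
			if err != nil {
				return Node{}, err
			}
			elems = append(elems, e)
		}
		return Node{List: elems}, nil
	default:
		return Node{}, fmt.Errorf("cbor: major type %d not supported by this subset", major)
	}
}

// NestedArrays constructs the advisory's payload shape: `levels` bytes of 0x81
// (array of one) closing on a single 0x00 integer. levels=2_000_000 is ~2 MB.
func NestedArrays(levels int) []byte {
	return append(bytes.Repeat([]byte{0x81}, levels), 0x00)
}

// Depth returns how many arrays wrap the innermost value along the
// first-element path (0 for a bare int or an empty array).
func Depth(n Node) int {
	d := 0
	for len(n.List) > 0 {
		d++
		n = n.List[0]
	}
	return d
}

func main() {
	capped := NewDecoder()

	n, err := capped.Decode(NestedArrays(16))
	fmt.Println("16 levels:", Depth(n), err)

	// ~2 MB of 0x81 bytes is rejected after 1025 frames, not 2 million.
	_, err = capped.Decode(NestedArrays(2_000_000))
	fmt.Println("2000000 levels, MaxDepth 1024:", err)

	// Decoder{Unlimited: true}.Decode(NestedArrays(2_000_000)) is the
	// vulnerable path: ~2 million frames, then "fatal error: stack overflow"
	// from the runtime, which no recover() intercepts. Deliberately not run.
}
```

Run as written, the program decodes a 16-level payload normally and rejects the 2 MB one almost immediately, because the cap is checked on entry to each frame rather than after the payload has been consumed. The commented-out Unlimited call is the crash case from the description. The DAG-JSON variant is the same loop with `[` in place of 0x81, and a budget counter that charges a few units per header would not change the outcome: 2 million small charges fit inside any budget sized for legitimate data, which is why only a depth cap works.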
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unbounded recursion in go-ipld-prime's DAG-CBOR and DAG-JSON decoders allows a crafted payload to cause a fatal stack overflow, fixed by adding a configurable MaxDepth limit.
Vulnerability
Description
The DAG-CBOR and DAG-JSON decoders in the go-ipld-prime library recursively process each nested map or list without enforcing a depth limit. A specially crafted payload containing deeply nested collections causes the decoder to recurse once per nesting level, growing the goroutine stack until the Go runtime terminates the process with a fatal stack overflow. This is distinct from a recoverable panic, making it a reliable denial-of-service vector [2].
Exploitation
For DAG-CBOR, a payload of approximately 2 MB consisting of repeated 0x81 bytes (each a one-element array header) followed by a single terminal item produces around 2 million recursion frames and exhausts Go's maximum goroutine stack (1 GB by default on 64-bit platforms). The existing allocation budget does not prevent this because each nested collection header costs only a handful of budget units, so the stack is exhausted long before the budget is. DAG-JSON has equivalent exposure via [[[...]]]-style payloads; it has no budget system at all and is therefore unprotected against recursion depth as well [2]. Schema-free decoding (using basicnode.Prototype.Any) allows arbitrary nesting depth. Schema-bound decoding bounds nesting only when the schema itself is non-recursive and contains no fields typed as Any; schemas with recursive type references or any Any-typed fields permit unconstrained nesting at those points [2].
Impact
An attacker can cause a denial-of-service condition by sending a relatively small payload (approximately 2 MB for DAG-CBOR) that forces the decoder to recurse deeply, leading to a fatal stack overflow and process termination. This affects any service that decodes untrusted IPLD data using the affected decoders [2].
Mitigation
The fix adds a configurable MaxDepth option to both decoders, defaulting to 1024 nested levels. The decoder returns ErrDecodeDepthExceeded when a payload nests beyond the limit. Well-formed IPLD data rarely approaches this depth in practice; the default is generous for legitimate use while preventing stack exhaustion [2]. Users should update to go-ipld-prime 0.23.0 or later and consider setting a lower MaxDepth where their data never nests deeply, since a limit well below 1024 costs nothing for flat data and shrinks the attack surface further.
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/ipld/go-ipld-prime (Go) | < 0.23.0 | 0.23.0 |
Affected products
- Range: < 0.23.0
Patches
No patches discovered yet.
References
News mentions
No linked articles in our index yet.