CVE-2026-29795
Received Received - Intake
String Length Validation Bypass in stellar-xdr StringM Component

Publication date: 2026-03-06

Last updated on: 2026-03-18

Assigner: GitHub, Inc.

Description
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::from_str does not validate that the input length is within the declared maximum (MAX). Calling StringM::<N>::from_str(s) where s is longer than N bytes succeeds and returns an Ok value instead of Err(Error::LengthExceedsMax), producing a StringM that violates its length invariant. This affects any code that constructs StringM values from string input using FromStr (including str::parse), and relies on the type's maximum length constraint being enforced. An oversized StringM could propagate through serialization, validation, or other logic that assumes the invariant holds. This issue has been patched in version 25.0.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-06
Last Modified
2026-03-18
Generated
2026-05-07
AI Q&A
2026-03-06
EPSS Evaluated
2026-05-05
NVD
CVE-2026-29795
EUVD
EUVD-2026-10071
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
stellar stellar-xdr to 25.0.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-29795 is a moderate severity vulnerability in the Rust crate stellar-xdr affecting versions up to 25.0.0. The issue is in the StringM::from_str method, which fails to enforce the maximum length constraint on input strings. Specifically, when calling StringM::<N>::from_str(s) with a string s longer than N bytes, the method incorrectly returns Ok instead of an error, resulting in a StringM instance that violates its length invariant.

This flaw impacts any code that constructs StringM values from string inputs using the FromStr trait (including str::parse) and relies on the maximum length validation. An oversized StringM can propagate through serialization, validation, or other logic that assumes the length invariant holds, potentially causing integrity issues.

The vulnerability was fixed in version 25.0.1 by changing the from_str implementation to route input through TryFrom<Vec<u8>>, which properly enforces the maximum length validation.


How can this vulnerability impact me? :

[{'type': 'paragraph', 'content': "This vulnerability can impact you by allowing the creation of StringM instances that exceed their declared maximum length, violating the type's length invariant."}, {'type': 'paragraph', 'content': 'Such oversized StringM values can propagate through serialization, validation, or other logic that assumes the length constraint is enforced, potentially leading to data integrity issues.'}, {'type': 'paragraph', 'content': 'While the vulnerability does not affect confidentiality or availability, it impacts integrity, meaning that data processed or stored may be corrupted or invalid due to the acceptance of oversized strings.'}] [1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

[{'type': 'paragraph', 'content': 'This vulnerability involves the `StringM::from_str` method in the stellar-xdr Rust crate incorrectly accepting strings longer than the declared maximum length without error. Detection involves identifying if your code or system uses vulnerable versions of the stellar-xdr crate (up to and including 25.0.0) and if it constructs `StringM` values from string inputs using `FromStr` or `str::parse` without additional length validation.'}, {'type': 'paragraph', 'content': 'To detect the vulnerability on your system, you can check the version of the stellar-xdr crate in use. For Rust projects, run the following command in your project directory to see the version:'}, {'type': 'list_item', 'content': 'cargo tree | grep rs-stellar-xdr'}, {'type': 'paragraph', 'content': 'If the version is 25.0.0 or earlier, your system is vulnerable. Additionally, you can audit your code for usage of `StringM::from_str` or `str::parse::<StringM>` calls without manual length checks.'}, {'type': 'paragraph', 'content': 'As a manual test, you can attempt to parse an oversized string using `StringM::from_str` in a controlled environment to see if it incorrectly succeeds. For example, in a Rust test or REPL:'}, {'type': 'list_item', 'content': 'let result = StringM::<3>::from_str("hello"); // "hello" is 5 bytes, exceeding max length 3'}, {'type': 'list_item', 'content': 'assert!(result.is_err()); // In vulnerable versions, this incorrectly returns Ok'}] [1, 4]


What immediate steps should I take to mitigate this vulnerability?

The primary and recommended mitigation is to upgrade the stellar-xdr crate to version 25.0.1 or later, where the vulnerability has been fixed by enforcing maximum length validation in `StringM::from_str`.

If upgrading immediately is not possible, you can apply the following workarounds:

  • Manually validate the byte length of input strings before calling `StringM::from_str` to ensure they do not exceed the maximum allowed length.
  • Use `StringM::try_from(s.as_bytes().to_vec())` instead of `StringM::from_str(s)`, as `try_from` correctly enforces the length constraint.

Review your codebase for any usage of `StringM::from_str` or `str::parse::<StringM>` and replace or guard these calls accordingly.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart