Bad Inputs cause unhandled exceptions and permanent hang

[kulgg]

Description
These bugs were gathered while Fuzzing the parsing function with Sharpfuzz and AFL.
On bad inputs an HL7Exception should be thrown but other exceptions occur on some inputs.

Exceptions and Inputs

• ArgumentOutOfRange
  b""
• System
  b"MSH|0|||||||00|||2.7"
• NullReference
  b"MSHH0\r"
• IndexOutOfRange
  b"MSH|0|||||||||||0"
• Regex
  b"MSH|^\x01\0|||||0||ACK^\|||2.2^0\r0|0|2^V~\\r0|0|00\r0)0"
• System
  b"MSH|0|0|0|0|0|0|0|20\x7f|0|0|2.7"
• Permanent Hang
  b"MSH|^|||||||^A|||2.2\r^AA"

Environmental Details

• OS: Ubuntu 20.04
• Target Framework netstandard2.0, net35, probably across all
• Version 3.0.0 preview 2

Additional context
The permanent hang would potentially be DoS exploitable depending on what context the library is used in.
I will create a pull request that fixes these bugs and adds them as tests.

[milkshakeuk]

@JlKmn thanks for this I will look at it & your pull request when I get chance.

[kulgg]

@milkshakeuk Great, once it is reviewed and merged I have deeper bugs of later Fuzzing Runs and fixes for them. I didn't want to have too much in one pull request.

[milkshakeuk]

@JlKmn, I am currently working on porting the newer PipeParser from hapi to fix certain issues caused by unexpected segments (probably fixes other things too).

The current PipeParser you have fuzzed will remain but be renamed LegacyPipeParser.

It's probably good to have these fixes in the LegacyPipeParser anyway but it might be useful if you could do the fuzzing again when the new PipeParser is in.

Is that something you could do?

[milkshakeuk]

@JlKmn I'm not 100% sure, I'm just writing the unit tests to finish the PR off.
Hopefully in the next day or so?

b"MSHH0\r"

whats the b for in front of your bad inputs?

[kulgg]

It's just to indicate that its python byte string output