Skip to content
This repository has been archived by the owner on Nov 4, 2023. It is now read-only.

Protect readLine() against DoS #403

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Protect readLine() against DoS #403

wants to merge 1 commit into from

Conversation

zcarroll4
Copy link
Contributor

@zcarroll4 zcarroll4 commented Oct 5, 2023
edited
Loading

This change hardens all BufferedReader#readLine() operations against memory exhaustion.

There is no way to call readLine() safely since it is, by its nature, a read that must be terminated by the stream provider. Furthermore, a stream of data provided by an untrusted source could lead to a denial of service attack, as attackers can provide an infinite stream of bytes until the process runs out of memory.

Fixing it is straightforward using an API which limits the amount of expected characters to some sane limit. This is what our changes look like:

+ import io.github.pixee.security.BoundedLineReader;
  ...
  BufferedReader reader = getReader();
- String line = reader.readLine(); // unlimited read, can lead to DoS
+ String line = BoundedLineReader.readLine(reader, 5_000_000); // limited to 5MB
More reading

Powered by: pixeebot (codemod ID: pixee:java/limit-readline)

@zcarroll4
Copy link
Contributor Author

@Fiz-Victor here

@HChenX
Copy link
Member

HChenX commented Oct 30, 2023

Do we also need this modification if our project does not have network links?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@zcarroll4 @HChenX