Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Limit memory allocation of get_bytes to 1MB #116

Merged
merged 1 commit into from Feb 27, 2013
Merged

Conversation

@mvschaik
Copy link
Contributor

@mvschaik mvschaik commented Nov 30, 2012

If get_bytes() can pad unlimited, a RSA pub key could be crafted
that would allocate GB's of nulls, thereby forming a DoS-vector.

E.g. if the message would be '\x7f\xff\xff\xff...', get_string() could
throw a memory error or crash a system.

If get_bytes() can pad unlimited, a RSA pub key could be crafted
that would allocate GB's of nulls, thereby forming a DoS-vector.
@bitprophet
Copy link
Member

@bitprophet bitprophet commented Feb 27, 2013

Not being intimate with this part of the protocol, I originally wondered if there was ever a legit reason for pulling that much data out of a message stream (the only time get_bytes is used with arbitrary input is in get_string).

However a quick test with real world usage (Fabric pulling down a moderate amount of remote stdout) never sees any requests to get_bytes larger than 1024, so I'm guessing that a MB is a quite decent upper bound. Thanks!

bitprophet added a commit that referenced this pull request Feb 27, 2013
Limit memory allocation of get_bytes to 1MB
@bitprophet bitprophet merged commit 37d0247 into paramiko:master Feb 27, 2013
1 check passed
1 check passed
@bitprophet
default The Travis build passed
Details
bitprophet added a commit that referenced this pull request Feb 27, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants