Request parameter validation #5

harlowja opened this Issue May 6, 2012 · 0 comments

1 participant


It seems like the incoming request parameters for EC2 are just blindly converted to python objects without actually performing any type of validation on them. This seems like it is a security hole and/or DOS attack (buffer sizes...) waiting to happen.

See: and which are a big part of this.

It seems like there is some basic level of support but I don't believe it is enough:


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment