This repository has been archived by the owner on Nov 4, 2023. It is now read-only.

Protect readLine() against DoS #403

Open
wants to merge 1 commit into base: main

Conversation

@zcarroll4 (Contributor) commented Oct 5, 2023

This change hardens all BufferedReader#readLine() operations against memory exhaustion.

There is no way to call readLine() safely since it is, by its nature, a read that must be terminated by the stream provider. Furthermore, a stream of data provided by an untrusted source could lead to a denial of service attack, as attackers can provide an infinite stream of bytes until the process runs out of memory.

Fixing it is straightforward using an API which limits the number of expected characters to some sane limit. This is what our changes look like:

+ import io.github.pixee.security.BoundedLineReader;
  ...
  BufferedReader reader = getReader();
- String line = reader.readLine(); // unlimited read, can lead to DoS
+ String line = BoundedLineReader.readLine(reader, 5_000_000); // limited to 5MB
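Review bot: on the `+ String line = BoundedLineReader.readLine(reader, 5_000_000); // limited to 5MB` line, the comment mislabels the bound: the second argument is a character count, not a byte count, so the memory held by the line before the check fires can exceed 5 MB, and the comment should say "5,000,000 characters". Two further points for the description: it does not say what `BoundedLineReader.readLine` does when the bound is hit (truncate, or throw) so callers know whether they need a catch block, and 5,000,000 characters is a generic ceiling rather than a bound derived from what a legitimate line in this code base can be; a limit sized to the expected input (a few KB for a config or protocol line) keeps the DoS window much smaller.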
More reading

Powered by: pixeebot (codemod ID: pixee:java/limit-readline)
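To make the failure mode concrete, here is an added example (not part of the pull request and not pixee's `BoundedLineReader`): a hand-rolled bounded `readLine` equivalent with the hypothetical names `readBoundedLine` and `LineTooLongException`, exercised against a constructed normal input and against a `Reader` that never terminates its line, which is the attacker stream the description warns about. With a plain `BufferedReader#readLine()` the hostile stream grows the line buffer until `OutOfMemoryError`; the bounded version stops at the configured number of characters.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.util.Arrays;

public class BoundedReadLineDemo {

    /** Raised when a line exceeds the configured bound (hypothetical name, not pixee's API). */
    public static final class LineTooLongException extends IOException {
        public LineTooLongException(int limit) {
            super("line exceeds " + limit + " characters");
        }
    }

    /**
     * Reads one line with the same terminator rules as BufferedReader#readLine()
     * ("\n", "\r" or "\r\n"), but refuses to buffer more than maxChars characters.
     * Returns null at end of stream, like readLine(). Assumes a BufferedReader so
     * that mark/reset is available for the "\r\n" lookahead.
     */
    public static String readBoundedLine(BufferedReader reader, int maxChars) throws IOException {
        StringBuilder line = new StringBuilder();
        int c;
        while ((c = reader.read()) != -1) {
            if (c == '\n') {
                return line.toString();
            }
            if (c == '\r') {
                // Swallow a following '\n' so "\r\n" counts as a single terminator.
                reader.mark(1);
                int next = reader.read();
                if (next != '\n' && next != -1) {
                    reader.reset();
                }
                return line.toString();
            }
            if (line.length() >= maxChars) {
                // Checked before appending, so the buffer never holds more than maxChars chars.
                throw new LineTooLongException(maxChars);
            }
            line.append((char) c);
        }
        // End of stream: return the unterminated tail if there is one, otherwise null.
        return line.length() == 0 ? null : line.toString();
    }

    /** Constructed attacker stream: endless characters, never a line terminator, never EOF. */
    static final class EndlessReader extends Reader {
        @Override
        public int read(char[] buf, int off, int len) {
            Arrays.fill(buf, off, off + len, 'A');
            return len;
        }

        @Override
        public void close() {
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed benign input covering both terminator styles and an unterminated last line.
        BufferedReader benign = new BufferedReader(new StringReader("hello\r\nworld\nlast"));
        String l;
        while ((l = readBoundedLine(benign, 64)) != null) {
            System.out.println("line: " + l);
        }

        // Hostile input: readLine() would allocate until the heap is exhausted; this stops at 1,000 chars.
        BufferedReader hostile = new BufferedReader(new EndlessReader());
        try {
            readBoundedLine(hostile, 1_000);
        } catch (LineTooLongException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The bound is checked before each append rather than after the line is complete, which is the property that matters: a post-hoc length check on the returned `String` would already have paid the allocation cost. Pick `maxChars` from what a legitimate line in the protocol or file format can actually be, and treat `LineTooLongException` as a hard rejection of the input rather than something to retry.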

@zcarroll4 (Contributor, Author) commented

@Fiz-Victor here

@Sevtinge force-pushed the main branch 2 times, most recently from 68b6271 to a4a697c (October 11, 2023 10:45)
@HChenX (Member) commented Oct 30, 2023

Do we also need this modification if our project does not have network links?
