  1. MariaDB Connector/R2DBC
  2. R2DBC-117

Cap numeric-string length before BigDecimal/BigInteger parsing to prevent CPU-exhaustion DoS


Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.4.1
    • other
    • None

    Description

      If a MITM server sends a very long String value, parsing it with new BigDecimal(String) or new BigInteger(String) takes O(n²) time in Java, possibly resulting in a CPU-exhaustion DoS.

      The length of those strings will be limited to 1024 chars.
      The 1024 cap is comfortably above any legitimate value (MariaDB DECIMAL maxes at 65 digits), keeping worst-case parse time sub-millisecond.

      Thanks to tonghuaroot for the report.
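
The length cap described above, as an added Java example that is not the connector's own code. The class and method names are hypothetical, and it assumes the numeric field arrives as ASCII bytes with a known length.

```java
import java.math.BigDecimal;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;

// Added illustration, not MariaDB Connector/R2DBC source; all names are hypothetical.
public final class BoundedNumericParser {
    // Cap taken from the issue text: 1024 chars.
    static final int MAX_NUMERIC_LENGTH = 1024;

    // Reject oversized values using the wire length, before any String is built or parsed.
    private static String boundedText(byte[] raw, int offset, int length) {
        if (length < 0 || offset < 0 || length > raw.length - offset) {
            throw new IllegalArgumentException("field length outside buffer");
        }
        if (length > MAX_NUMERIC_LENGTH) {
            throw new IllegalArgumentException(
                "numeric value of " + length + " chars exceeds cap of " + MAX_NUMERIC_LENGTH);
        }
        // Assumption: numeric text on the wire is plain ASCII.
        return new String(raw, offset, length, StandardCharsets.US_ASCII);
    }

    static BigDecimal parseDecimal(byte[] raw, int offset, int length) {
        return new BigDecimal(boundedText(raw, offset, length));
    }

    static BigInteger parseInteger(byte[] raw, int offset, int length) {
        return new BigInteger(boundedText(raw, offset, length));
    }

    public static void main(String[] args) {
        // Constructed sample: the widest legitimate DECIMAL (65 digits) parses normally.
        byte[] ok = "9".repeat(65).getBytes(StandardCharsets.US_ASCII);
        System.out.println("precision: " + parseDecimal(ok, 0, ok.length).precision());

        // Constructed sample: an oversized digit run is rejected without being parsed.
        byte[] huge = "9".repeat(1_000_000).getBytes(StandardCharsets.US_ASCII);
        try {
            parseInteger(huge, 0, huge.length);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Checking the length on the raw field keeps the cost of a rejected value constant, since neither the String copy nor the quadratic parse runs for input over the cap.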

          People

            Diego Dupin