Opened 3 weeks ago
Last modified 2 weeks ago
#36768 closed Cleanup/optimization
File.__iter__() Quadratic-time DoS — at Version 3
| Reported by: | wooseokdotkim | Owned by: | |
|---|---|---|---|
| Component: | File uploads/storage | Version: | dev |
| Severity: | Normal | Keywords: | concatenation |
| Cc: | wooseokdotkim | Triage Stage: | Ready for checkin |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
I thought the code below could generate DoS, so I made a bug report
However, File._iter__() was not recognized as a bug because only one line was buffered and only worked for chunks returned from File.chunks, but it was determined that verification code for input should be added, so it was created as an open ticket.
The code pattern is similar to CVE-2023-36053, which is already released, so I think it needs to be modified.
code: django/core/files/base.py:89
def __iter__(self):
buffer_ = None
for chunk in self.chunks():
for line in chunk.splitlines(True):
if buffer_:
line = buffer_ + line # < Code!
How should I patch it?
Change History (3)
comment:1 by , 3 weeks ago
| Description: | modified (diff) |
|---|
comment:2 by , 3 weeks ago
| Cc: | added |
|---|
comment:3 by , 3 weeks ago
| Component: | Uncategorized → File uploads/storage |
|---|---|
| Description: | modified (diff) |
Note:
See TracTickets
for help on using tickets.