dorian
/
paramiko
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Limit memory allocation of get_bytes to 1MB 

If get_bytes() can pad unlimited, a RSA pub key could be crafted
that would allocate GB's of nulls, thereby forming a DoS-vector.
This commit is contained in:
Maarten 2012-11-30 15:14:49 +01:00
parent 0ae0e9800c
commit 3bbcf808d8
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
paramiko/message.py
View File

@ -110,7 +110,8 @@ class Message (object):
@rtype: string @rtype: string
""" """
b = self.packet.read(n) b = self.packet.read(n)
if len(b) < n: max_pad_size = 1<<20 # Limit padding to 1 MB
if len(b) < n and n < max_pad_size:
return b + '\x00' * (n - len(b)) return b + '\x00' * (n - len(b))
return b return b