Potential DoS vulnerability via decompression bomb GO-S2110
Potential DoS vulnerability via decompression bomb
140 return err
141 }
142
143 if _, err := io.Copy(fd, tr); err != nil {144 return err
145 }
146 }Potential DoS vulnerability via decompression bomb
55
56 tw.WriteHeader(h)
57
58 if _, err := io.Copy(tw, tr); err != nil { 59 return nil, err
60 }
61 }
Description
A maliciously crafted archive may produce a large amount of data on decompression that may lead to a denial-of-service (DoS) attack on the application.
It is recommended to use io.CopyN instead of io.Copy and io.CopyBuffer to
control the number of bytes copied from the decompression reader.
Bad practice
package main
import (
"bytes"
"compress/zlib"
"io"
"os"
)
func foo(b io.Reader) {
r, err := zlib.NewReader(b)
if err != nil {
panic(err)
}
_, err = io.Copy(os.Stdout, r)
if err != nil {
panic(err)
}
r.Close()
}
Recommended
package main
import (
"bytes"
"compress/zlib"
"io"
"os"
)
func foo(b io.Reader) {
r, err := zlib.NewReader(b)
if err != nil {
panic(err)
}
_, err = io.CopyN(os.Stdout, r, 1024) // "n" may change depending on the application
if err != nil {
panic(err)
}
r.Close()
}