potential DoS issue with allow_bignum
karenetheridge opened this issue
This ran for a minute on my machine before hitting a limit (probably memory):
$ time perl -MMath::BigInt -wle'Math::BigInt->new("1e99999999999");'
Killed: 9
real 1m16.313s
user 0m25.732s
sys 0m43.108s
Would it be feasible to wrap some sort of guard around the parsing of bignums, either in maximum/minimum value permitted, or a maximum amount of time to spend parsing? Otherwise, when parsing json files from external sources with allow_bignum turned on, there is a DoS vector.
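One way to apply the kind of guard the issue asks for, as an added example that is not code from the issue or from any module: scan the raw JSON text for number literals, skipping string tokens, and refuse to decode when a literal exceeds a digit or exponent cap. The caps, the function name `oversized_numbers` and the choice of JSON::PP as the decoder are assumptions.

```perl
use strict;
use warnings;
use JSON::PP;
use Math::BigInt;
use Math::BigFloat;

# Caps are assumptions for illustration; tune them to the data you expect.
my $MAX_DIGITS   = 64;     # digits allowed in the mantissa
my $MAX_EXPONENT = 400;    # largest absolute exponent allowed

# Return every number literal in $json that exceeds the caps.
# String tokens are skipped so digits inside strings are never flagged.
sub oversized_numbers {
    my ($json) = @_;
    my @bad;
    pos($json) = 0;
    while (pos($json) < length $json) {
        next if $json =~ /\G"(?:[^"\\]|\\.)*"/gcs;    # skip a string token
        if ($json =~ /\G((-?\d+(?:\.\d+)?)(?:[eE][+-]?(\d+))?)/gc) {
            my ($literal, $mantissa, $exp) = ($1, $2, $3 // '0');
            my $digits = ($mantissa =~ tr/0-9//);
            # Length check first so an absurdly long exponent is never
            # converted to a number; leading zeros count (conservative).
            push @bad, $literal
                if $digits > $MAX_DIGITS
                || length($exp) > 9
                || $exp > $MAX_EXPONENT;
            next;
        }
        $json =~ /\G./gcs;    # structural character or whitespace
    }
    return @bad;
}

# Constructed sample documents, not taken from the issue thread.
my @docs = (
    '{"id":"1e99999999999","n":1.5e10}',    # large value only inside a string
    '{"n":1e99999999999}',                  # same value as in the report
);
for my $doc (@docs) {
    if (my @bad = oversized_numbers($doc)) {
        print "rejected, oversized number(s): @bad\n";
        next;
    }
    my $data = JSON::PP->new->allow_bignum->decode($doc);
    print "decoded, keys: ", join(',', sort keys %$data), "\n";
}
```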
Similar DOS vectors exist in perl5, like perl -e'$a[9223372000]=0', and there is no interest there. You'll need to reboot then.
cperl has you covered btw