[Zope-Checkins] CVS: Zope/lib/python/ZTUtils - Tree.py:1.6.6.10

Tres Seaver tseaver at zope.com
Thu Jan 8 16:02:36 EST 2004


Update of /cvs-repository/Zope/lib/python/ZTUtils
In directory cvs.zope.org:/tmp/cvs-serv6197/lib/python/ZTUtils

Modified Files:
      Tag: Zope-2_6-branch
	Tree.py 
Log Message:


  - The ZTUtils SimpleTree decompressed tree state data from the 
    request without checking for final size, which could allow for 
    certain types of DoS attacks.


=== Zope/lib/python/ZTUtils/Tree.py 1.6.6.9 => 1.6.6.10 ===
--- Zope/lib/python/ZTUtils/Tree.py:1.6.6.9	Tue Jul 15 13:05:47 2003
+++ Zope/lib/python/ZTUtils/Tree.py	Thu Jan  8 16:02:35 2004
@@ -277,16 +277,19 @@
             result = zresult
     return result
 
-def decodeExpansion(s, nth=None):
+def decodeExpansion(s, nth=None, maxsize=8192):
     '''Decode an expanded node map from a string.
 
     If nth is an integer, also return the (map, key) pair for the nth entry.
     '''
-    if len(s) > 8192: # Set limit to 8K, to avoid DoS attacks.
+    if len(s) > maxsize: # Set limit to avoid DoS attacks.
         raise ValueError('Encoded node map too large')
 
     if s[0] == ':': # Compressed state
-        s = zlib.decompress(a2b(s[1:]))
+        dec = zlib.decompressobj()
+        s = dec.decompress(a2b(s[1:]), maxsize)
+        if dec.decompress('', 1):
+            raise ValueError('Encoded node map too large')
     
     map = m = {}
     mstack = []




More information about the Zope-Checkins mailing list