-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability to attacks because there is no size limit #48788
Comments
This is a function on the standard input though? What is the threat model? That you DoS your own computer? |
That is not limited to Tokio. TcpStream from standard library could be wrapped by BufReader. `use std::io::{BufRead, BufReader}; fn main() {
} |
This somewhat feels like something the user should be aware of. It's also not clear to me that there's much we can/should do about this -- an arbitrary limit on our side would be decidedly odd (and potentially break some use cases). Users using and of the |
I guess adding |
That should be done via |
We discussed this during libs triage today and the conclusion was that we didn't consider this a bug to fix in libstd but would of course be more than willing to update the documentation. As a result I'm reclassifying as a documentation issue. |
Note to future selves: if we put a note about this on |
…_until-doc, r=Dylan-DPC Add a warning about infinite reading in read_(until|line) Fix for rust-lang#48788. This PR adds a warning to [`BufRead::read_line`](https://doc.rust-lang.org/stable/std/io/trait.BufRead.html#method.read_line) and [`BufRead::read_until`](https://doc.rust-lang.org/stable/std/io/trait.BufRead.html#method.read_until) about the possibility of an attack using the behaviour of these functions. I did not mention a possible fix (using [`Read::take`](https://doc.rust-lang.org/stable/std/io/trait.Read.html#method.take), should I ?
If the added doc is deemed sufficient, this should be closed, though I do not know who to ping for that. |
rust/src/libstd/io/stdio.rs
Line 274 in 2789b06
read_line function seems vulnerable to attack. If an attacker sends data continually without "\r\n" the size of buffer (String) would keep growing without a limit.
tokio
The text was updated successfully, but these errors were encountered: