Add MAX_STRING_SIZE limit to sandbox string multiplication #2149
Closed
kodareef5 wants to merge 1 commit into pallets:main from
Conversation
SandboxedEnvironment limits range() via MAX_RANGE to prevent DoS from large sequences, but does not limit string multiplication. A template expression like {{ "A" * 10**9 }} allocates 1GB of memory instantly.

Add MAX_STRING_SIZE (default 1,000,000) and a safe_mul function that checks result size before performing string repetition. Wire it into the default binop_table and intercepted_binops so the sandbox intercepts * operations by default.

Normal arithmetic multiplication, small string repetition, and list multiplication are all unaffected. Only str * int exceeding the limit is blocked.
Member
Set resource limits in the OS, Docker container, etc. Trying to limit the resource use from within the process is an impossible surface to cover. Please review our security policy to learn how to responsibly report issues.
SandboxedEnvironment limits range() via MAX_RANGE to prevent DoS from large sequences, but does not limit string multiplication. A template expression like {{ "A" * 10**9 }} allocates 1GB of memory instantly in any application rendering untrusted templates in a sandbox.

This adds MAX_STRING_SIZE (default 1,000,000) and a safe_mul function that checks result size before performing string repetition. The * operator is added to intercepted_binops by default so the check applies automatically.

Unaffected operations:
{{ 6 * 7 }} → 42
{{ "ab" * 5 }} → ababababab
{{ [1,2] * 3 }} → [1, 2, 1, 2, 1, 2]
{{ 3.14 * 2 }} → 6.28

Blocked:
{{ "A" * 10000000 }} → OverflowError

All 911 existing tests pass.
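The size check that the PR body and the commit message describe, written out as an added example (my code, not the PR's diff, which this page does not show): safe_mul refuses str * int whose result would exceed MAX_STRING_SIZE before any repetition is performed, while numeric and list multiplication pass through untouched. The Jinja subclass at the end shows the wiring the PR describes and assumes the attribute names default_binop_table and intercepted_binops on SandboxedEnvironment; it is skipped when jinja2 is not installed.

```python
import operator

# Default cap from the PR: a sandboxed `*` may not build a string longer
# than this many characters.
MAX_STRING_SIZE = 1_000_000


def safe_mul(left, right, max_size=MAX_STRING_SIZE):
    """Sandbox-safe replacement for the `*` binop.

    For str * int (or int * str) the result length, len(s) * n, is computed
    from the operands first, so an oversized string is refused before it is
    allocated. Everything else (int, float, list repetition) is handed to
    operator.mul unchanged, matching the PR's "unaffected operations".
    """
    if isinstance(left, str) and isinstance(right, int):
        text, count = left, right
    elif isinstance(left, int) and isinstance(right, str):
        text, count = right, left
    else:
        return operator.mul(left, right)
    # Python returns "" for count <= 0, so only positive counts can grow.
    if count > 0 and len(text) * count > max_size:
        raise OverflowError(
            f"string repetition would produce {len(text) * count} characters, "
            f"more than MAX_STRING_SIZE={max_size}"
        )
    return operator.mul(text, count)


def is_blocked(left, right, max_size=MAX_STRING_SIZE):
    """True when safe_mul refuses the pair instead of computing it."""
    try:
        safe_mul(left, right, max_size)
    except OverflowError:
        return True
    return False


try:
    from jinja2.sandbox import SandboxedEnvironment

    class SizeLimitedSandbox(SandboxedEnvironment):
        """Wiring as the PR describes it (attribute names assumed from
        jinja2.sandbox): route `*` through call_binop and map it to safe_mul."""
        intercepted_binops = frozenset({"*"})
        default_binop_table = {
            **SandboxedEnvironment.default_binop_table, "*": safe_mul
        }
except ImportError:  # jinja2 not installed: the check above still runs alone.
    pass
```

As the maintainer's reply points out, this bounds a single operator; it does not substitute for memory limits set at the OS or container level.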