IETF Logo Mail Archive

Re: [Cellar] Security considerations: recursive elements

Ashley Blewer <ashley.blewer@gmail.com> Wed, 17 January 2018 20:38 UTC

Return-Path: <ashley.blewer@gmail.com>
X-Original-To: cellar@ietfa.amsl.com
Delivered-To: cellar@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45F0812E896 for <cellar@ietfa.amsl.com>; Wed, 17 Jan 2018 12:38:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IeHtjDEK0SIQ for <cellar@ietfa.amsl.com>; Wed, 17 Jan 2018 12:38:53 -0800 (PST)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65F1C12E89D for <cellar@ietf.org>; Wed, 17 Jan 2018 12:38:53 -0800 (PST)
Received: by mail-qt0-x232.google.com with SMTP id c2so24912733qtn.9 for <cellar@ietf.org>; Wed, 17 Jan 2018 12:38:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=pXwDXK+7Z+d8J2TcjiEcro1eIFpFx54MhKXby6dqOss=; b=iDx1RElPFQbygaOpPwdQXlhCGJXy4+SIjdv4Rlq4kQVOpwLI2l7jPBzmmCXM2B5Pey KPiSrpHQn1Px445Xrre5uYsRjqiNK3kWKPHs1hpk/WGKrhLvf/0ovdfJkdMS4pSftZD0 jwnaVQm8jUCkNSAUCyUEU/pVU4k5fv8EqKab7KgCHmnfT0WV9rbr0US1GVCZUI2jfix9 FcnzRD66ZFaagq6Em1MeFkrM9JbUL1kbfssATjVMdeFOld7CsJFkXbQ9/82ApNQB6KOD TKKFe6wMsT0xgbS/8IPslFAH3jLkNvTznbFJzCNDdvKL2H3esd7DxXhbwEVXb4vHhbG7 AS0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=pXwDXK+7Z+d8J2TcjiEcro1eIFpFx54MhKXby6dqOss=; b=fsUg+09AFghsBDDia7Y0z6DK34ufiPPQwXGrgr+C7oXeytPIQR/+LTKiHbJMCsPvj5 +uLi1Cn8drRystMmyjFsnYCPT5UjZ76jnbqnFhOulwXHwnNgizzj9cBZryWVSWYYTuiE 6FsfZgJq1U2iU2G6JjCAP8w4u7+7uuDnS6vo6XCWFBuyoqdgop8mr18lpOzOoVZCs15z d3vzDxU6iadqLHpAsztIqfCwxAV6BqkDkArj1sy+A3rv8FmU5i9W5LMY/VCxGRN9W3E8 iO7sIOKYtoRqKK1BzwPxMK55xTj/Gjlv/U/iJR1A27G4Rvi3YJ0IPs7NzoZlbLUJsggN eLKA==
X-Gm-Message-State: AKwxytfkHMh8ynTOOggK/xQpRxVcCCcdGvV/93DHfoaDevtjbLet4IrG Habrw/IoonR2blXzsFARbsKrga4/Umnvo6yvoiA=
X-Google-Smtp-Source: ACJfBovFMAEaw2hxjT0onw7sazEuHBRE8hyPviFNy9CLzTEQnK+/DnAby23kMjgnImH5DxEeeO777nKo9+GCF25UXHs=
X-Received: by 10.55.212.69 with SMTP id l66mr50522727qki.252.1516221532485; Wed, 17 Jan 2018 12:38:52 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.83.163 with HTTP; Wed, 17 Jan 2018 12:38:51 -0800 (PST)
In-Reply-To: <CAHUoETL6+2XokNy5skB7dzjuzowoL8kV9gNLgd6HeJYiZcXpOQ@mail.gmail.com>
References: <CAHUoETL6+2XokNy5skB7dzjuzowoL8kV9gNLgd6HeJYiZcXpOQ@mail.gmail.com>
From: Ashley Blewer <ashley.blewer@gmail.com>
Date: Wed, 17 Jan 2018 15:38:51 -0500
Message-ID: <CAEk7qkE0nR9KLiC09hP7KO+HKhnfPWZ3t8Ft8amvy7fbKFft+Q@mail.gmail.com>
To: Michael Bradshaw <mjbshaw@google.com>
Cc: Codec Encoding for LossLess Archiving and Realtime transmission <cellar@ietf.org>
Content-Type: multipart/alternative; boundary="001a1149cc82d83dd20562fed525"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/CY4SjoSOZ5rVPuDJP99O_7KFKYU>
Subject: Re: [Cellar] Security considerations: recursive elements
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jan 2018 20:38:55 -0000

I agree with this. +1

On Wed, Jan 17, 2018 at 3:33 PM, Michael Bradshaw <mjbshaw@google.com>
wrote:

> The EBML and Matroska specs currently don't mention the possibility of a
> stack overflow due to deeply nested recursive elements. Currently, there's
> no limit on the recursion depth (unless I've overlooked it somewhere).
>
> I think it would be worth adding to the security section of EBML that one
> type of attack on an EBML Reader could include deep element recursion.
>
> Additionally, I would like to see what people think about potentially
> adding/suggesting an upper limit on recursion (either as a MUST or a MAY).
> This could also include a lower limit too. For example, something like "a
> parser SHOULD handle recursion up to X levels deep, and MAY abort the parse
> if it reaches Y levels deep".
>
> Thoughts from others?
>
> _______________________________________________
> Cellar mailing list
> Cellar@ietf.org
> https://www.ietf.org/mailman/listinfo/cellar
>
>

v2.23.0 | Report a Bug | By Email