[cl-store-devel] On the security of cl-store
Nikolaus Demmel
demmeln at in.tum.de
Mon Mar 8 09:07:02 UTC 2010
Am 08.03.2010 um 00:06 schrieb Sean Ross:
> On 7 Mar 2010, at 19:20, Alex Mizrahi wrote:
>
> Quite right. As always, accepting input from untrusted sources is always going to open yourself
> to a number of potential security issues. The most cl-store will do is try not to
> execute arbitrary code. DOS attacks are part and parcel of accepting requests
> from all and sundry and is only recommended if absolutely necessary.
>
>>
>> Finally, one can DoS server by putting it into an infinite loop. This can be
>> achieved by sending a cyclical data structure where server code expects
>> simple one. Then iteration or recursive traversal will either hang in
>> indefinite loop or cause a stack overflow.
>
> This shouldn't be possible in cl-store as all cyclic data structures are detected
> and serialized/deserialized correctly (custom serialization/deserializations notwithstanding)
I guess what Alex is referring to is the possibility, that an attacker sends a packet with a cyclic list/data-structure in a place where the server code expects a simple one. If the server code dosn't check for cyclic data-structures and simply traverses them, it might loop forever. Here the problem is precisely the fact that cl-store does recover cycles correctly, so a solution might be to either disable that, or make sure the server doesn't choke on cycles in any possible places.
Regards,
Niko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4623 bytes
Desc: not available
URL: <https://mailman.common-lisp.net/pipermail/cl-store-devel/attachments/20100308/04fe9a6d/attachment.bin>
More information about the cl-store-devel
mailing list