[Python-Dev] Fuzzing the Python standard library
paul at ganssle.io
Tue Jul 17 18:44:23 EDT 2018
In many languages numeric types can't hold arbitrarily large values, and I for one hadn't really previously recognized that if you read in a numeric value with an exponent that it would be represented *exactly* in memory (and thus one object with a very compact representation can take up huge amounts of memory). It's also not *inconceivable* that under the hood Python would represent fractions.Fraction("1.64E6646466664") "lazily" in some fashion so that it did not consume all the memory on disk.
It seems to me that "Hey by the way the size of this thing is unbounded and because of exponents small strings can expand to huge objects" is a good tip.
On 07/17/2018 06:15 PM, Michael Selik wrote:
> On Tue, Jul 17, 2018 at 4:57 PM Jussi Judin <jjudin+python at iki.fi <mailto:jjudin%2Bpython at iki.fi>> wrote:
> Quick answer: undocumented billion laughs/exponential entity expansion type of an attack that is accessible through web through any library that uses fractions module to parse user input (that are actually available on Github).
> Are you suggesting a warning in the fractions documentation to mention that large numbers require large amounts of memory?
> Python-Dev mailing list
> Python-Dev at python.org
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/paul%40ganssle.io
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Python-Dev