
DoS with carefully crafted spec files

Open kraptor opened this issue 2 years ago • 0 comments

Currently, it's possible to trick replace_macros() to never return, causing a DoS to software using this library with carefully crafted spec files.

The offending code in replace_macros():

```python
# Excerpt from replace_macros(): _macro_pattern and get_replacement_string
# are defined elsewhere in the library. The loop re-substitutes until the
# string stops changing, so a self-referential macro never reaches that point.
while True:
    ret = re.sub(_macro_pattern, get_replacement_string, string)
    if ret != string:
        string = ret
        continue
    return ret
```

The simplest fix would be to add a limit on maximum recursive macro substitutions.

kraptor avatar Sep 12 '23 18:09 kraptor
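To make the failure mode and the suggested fix concrete, here is an added example (not the project's own code) that models the fixpoint loop above with a bounded pass count. The macro regex, the `macros` dictionary, the `MAX_SUBSTITUTION_PASSES` value and the `MacroExpansionError` name are all assumptions made for this illustration; the real library's pattern and replacement callback differ. The point it demonstrates is that a self-referential or mutually recursive macro definition never converges, so an unbounded loop spins forever, while a pass limit turns the same input into a clean error.

```python
import re

# Constructed stand-in for the library's macro regex: matches %{name} or %name.
_MACRO_PATTERN = re.compile(r"%\{([A-Za-z_][A-Za-z0-9_]*)\}|%([A-Za-z_][A-Za-z0-9_]*)")

# Hypothetical default limit; legitimate spec files converge in a handful of passes.
MAX_SUBSTITUTION_PASSES = 1000


class MacroExpansionError(ValueError):
    """Raised when macro expansion does not reach a fixpoint within the pass limit."""


def replace_macros_bounded(string, macros, max_passes=MAX_SUBSTITUTION_PASSES):
    """Expand macros in `string` until nothing changes, or fail after `max_passes`.

    `macros` maps macro names to their (possibly macro-containing) bodies.
    Unknown macros are left untouched so the loop still converges on them.
    """

    def get_replacement_string(match):
        name = match.group(1) or match.group(2)
        return macros.get(name, match.group(0))

    for _ in range(max_passes):
        ret = _MACRO_PATTERN.sub(get_replacement_string, string)
        if ret == string:
            # Fixpoint reached: this is where the unbounded loop also returns.
            return ret
        string = ret
    # The unbounded loop would keep going here; a self-referential macro
    # such as %define loop x%{loop} grows the string on every pass.
    raise MacroExpansionError(
        f"macro expansion did not converge after {max_passes} passes"
    )


def expansion_converges(string, macros, max_passes=MAX_SUBSTITUTION_PASSES):
    """Return True if expansion terminates within the limit, False otherwise."""
    try:
        replace_macros_bounded(string, macros, max_passes)
        return True
    except MacroExpansionError:
        return False


if __name__ == "__main__":
    # Constructed sample macros: a normal nested definition and a recursive one.
    benign = {"name": "foo", "version": "1.0", "full": "%{name}-%{version}"}
    recursive = {"loop": "x%{loop}"}
    mutual = {"a": "%{b}", "b": "%{a}"}

    print(replace_macros_bounded("%{full}.tar.gz", benign))
    for label, macros in (("self-referential", recursive), ("mutually recursive", mutual)):
        print(label, "converges:", expansion_converges("%{a}%{loop}", macros))
```

With the limit in place, a crafted spec file produces a `MacroExpansionError` that the caller can log and reject, instead of pinning a CPU core indefinitely.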