fix(explorer): `fetch_batch_data_pointer` in `explorer` reads the entire response body without any limitation.

Open PatStiles opened this issue 1 year ago • 0 comments

Overview:

The fetch_batch_data_pointer function in the explorer is vulnerable to an OOM attack.

The function reads the entire response body without any limitation, which can lead to an OOM attack.

Detailed Behavior

During the processing of a new batch log, the explorer uses a mutex to prevent multiple indexation of the same batch. It periodically checks for new batch logs and processes them. If a batcher takes more time than the interval between two checks, the explorer will lose the other batch logs since it will provoke an OOM and crash the explorer.

Mitigation

Set a timeout for the request to prevent an OOM attack.

PatStiles, Sep 19 '24 15:09
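A bounded version of the fetch described in this issue, as an added example that is not the explorer's code or part of the original issue: a timeout limits how long a request may run, while a byte cap limits how much is buffered, so the sketch applies both. The names `read_capped`, `fetch_batch_data`, `BodyTooLarge` and all limit values are assumptions.

```python
import io
import time
import urllib.request

MAX_BATCH_BYTES = 16 * 1024 * 1024  # assumed cap; derive it from the real batch size limit


class BodyTooLarge(Exception):
    """The response body exceeded the configured byte limit."""


def read_capped(stream, max_bytes=MAX_BATCH_BYTES, chunk=64 * 1024, deadline=None):
    """Read a file-like body in chunks; abort on size cap or overall deadline."""
    buf = bytearray()
    while True:
        if deadline is not None and time.monotonic() > deadline:
            raise TimeoutError("overall download deadline exceeded")
        # Request at most one byte past the cap so memory use stays bounded.
        block = stream.read(min(chunk, max_bytes + 1 - len(buf)))
        if not block:
            return bytes(buf)
        buf += block
        if len(buf) > max_bytes:
            raise BodyTooLarge(f"body exceeds {max_bytes} bytes")


def fetch_batch_data(url, max_bytes=MAX_BATCH_BYTES, io_timeout=10, total_timeout=60):
    """Hypothetical replacement for an unbounded fetch (name and defaults assumed)."""
    deadline = time.monotonic() + total_timeout
    # urlopen's timeout applies to each blocking socket operation, not the whole
    # transfer, so the deadline above guards against a slow-drip response.
    with urllib.request.urlopen(url, timeout=io_timeout) as resp:
        declared = resp.headers.get("Content-Length", "")
        # Early reject on a declared oversize; the header may be absent or
        # wrong, so read_capped still enforces the limit on the actual bytes.
        if declared.isdigit() and int(declared) > max_bytes:
            raise BodyTooLarge(f"declared length {declared} exceeds {max_bytes}")
        return read_capped(resp, max_bytes, deadline=deadline)


if __name__ == "__main__":
    sample = io.BytesIO(b"A" * 4096)  # constructed stand-in for a response body
    try:
        read_capped(sample, max_bytes=1024)
    except BodyTooLarge as exc:
        print("rejected:", exc)
```

A caller that catches `BodyTooLarge` or `TimeoutError` can skip or retry the offending batch instead of letting the process exhaust memory.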