[Python]: DOS through Decompression

[am0o0]

Query PR

https://github.com/github/codeql/pull/13557

Language

Python

CVE(s) ID list

• CVE-2023-22898
• also there is a CVE which is relevant to zipfile STD itself.

CWE

No response

Report

Extracting Compressed files with any compression algorithm like gzip can cause to denial of service attacks. Attackers can compress a huge file which created by repeated similar byte and convert it to a small compressed file. Added modeling for multiple CLI third parties. I've added FileAndFormRemoteFlowSource module which is related to all queries that need a file as their user provided remote flow sources. in this module I added support of file and form of FastAPI framework. I tried my best to add as much sanitizers as possible. if you have another idea about sanitizers I can write more sanitizers too.

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

• [X] Yes
• [ ] No

Blog post link

No response

[Kwstubbs]

hello @amammad do you have a database for CVE-2023-22898

[ghsecuritylab]

Your submission is now in status Test run.

For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

[ghsecuritylab]

Your submission is now in status Query review.

For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

[ghsecuritylab]

Your submission is now in status Final decision.

For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

[xcorail]

Created Hackerone report 2375747 for bounty 551597 : [777] [Python]: DOS through Decompression

[ghsecuritylab]

Your submission is now in status Closed.

For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed