...
This guideline is a specific example of the more general guideline IDS18-J. Check for inputs that would cause excessive resource consumption.
Noncompliant Code Example
This noncompliant code fails to check the resource consumption of the file that is being unzipped. It permits the operation to run to completion or until local resources are exhausted.
```java
import java.io.*;
import java.util.zip.*;

public class Unzip {
  public static void main(String[] args) throws IOException {
    // external data source: args[0]
    final int BUFFER = 512;
    BufferedOutputStream dest = null;
    FileInputStream fis = new FileInputStream(args[0]);
    ZipInputStream zis = new ZipInputStream(new BufferedInputStream(fis));
    ZipEntry entry;
    while ((entry = zis.getNextEntry()) != null) {
      System.out.println("Extracting: " + entry);
      int count;
      byte data[] = new byte[BUFFER];
      // write the files to the disk, with no check on the entry's size
      FileOutputStream fos = new FileOutputStream(entry.getName());
      dest = new BufferedOutputStream(fos, BUFFER);
      while ((count = zis.read(data, 0, BUFFER)) != -1) {
        dest.write(data, 0, count);
      }
      dest.flush();
      dest.close();
    }
    zis.close();
  }
}
```
Compliant Solution
In this compliant solution, the code inside the while loop calls ZipEntry.getSize() to find the uncompressed file size of each entry in the zip archive before extracting the entry. It throws an exception if the entry to be extracted is too large, 100MB in this case.
```java
// write the files to the disk - if file is not insanely big
final int TOOBIG = 0x6400000; // 100MB
if (entry.getSize() > TOOBIG) {
  throw new RuntimeException("File to be unzipped is huge.");
}
FileOutputStream fos = new FileOutputStream(entry.getName());
dest = new BufferedOutputStream(fos, BUFFER);
while ((count = zis.read(data, 0, BUFFER)) != -1) {
  dest.write(data, 0, count);
}
```
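As an added example (not the guideline's own code), the following class generalizes the compliant solution above: it checks getSize() as the guideline does, but because that value is read from the archive header and is -1 for entries written with a data descriptor, it also counts the bytes actually inflated and stops at the limit. The class name BoundedUnzip, the methods extractEntry and sampleArchive, the in-memory sample archive and the 64 KB demo limit are assumptions made for this example.

```java
import java.io.*;
import java.util.zip.*;
public class BoundedUnzip {
    static final int BUFFER = 512;
    // Copies one entry to out, throwing once more than `limit` uncompressed bytes are inflated.
    // getSize() is header data and may be -1, so the running byte count is the real guard.
    static long extractEntry(ZipInputStream zis, ZipEntry entry,
                             OutputStream out, long limit) throws IOException {
        if (entry.getSize() > limit) {
            throw new IOException(entry.getName() + " declares a huge size");
        }
        byte[] data = new byte[BUFFER];
        long total = 0;
        int count;
        while ((count = zis.read(data, 0, BUFFER)) != -1) {
            total += count;
            if (total > limit) {
                throw new IOException(entry.getName() + " exceeds " + limit + " bytes");
            }
            out.write(data, 0, count);
        }
        return total;
    }
    // Constructed sample: in-memory archive with a 20-byte text entry and 100 KB of zeros.
    static byte[] sampleArchive() throws IOException {
        ByteArrayOutputStream archive = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(archive)) {
            zos.putNextEntry(new ZipEntry("small.txt"));
            zos.write("twenty bytes of text".getBytes("UTF-8"));
            zos.putNextEntry(new ZipEntry("big.bin")); // putNextEntry closes the previous entry
            zos.write(new byte[100 * 1024]);            // deflates to almost nothing
        }
        return archive.toByteArray();
    }
    public static void main(String[] args) throws IOException {
        long limit = 64 * 1024; // 64 KB, small enough for the demo to show a rejection
        try (ZipInputStream zis = new ZipInputStream(new ByteArrayInputStream(sampleArchive()))) {
            ZipEntry entry;
            while ((entry = zis.getNextEntry()) != null) { // also discards the rest of a rejected entry
                try {
                    long n = extractEntry(zis, entry, new ByteArrayOutputStream(), limit);
                    System.out.println(entry.getName() + ": extracted " + n + " bytes");
                } catch (IOException e) {
                    System.out.println(entry.getName() + ": rejected, " + e.getMessage());
                }
            }
        }
    }
}
```

Writing to a ByteArrayOutputStream keeps the demo self-contained; in real extraction the same extractEntry call would receive the file output stream.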
Risk Assessment
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
IDS22-J | low | probable | high | P2 | L3 |
...