

Commit f1324a4

update qlhelp
1 parent 02b0b40 commit f1324a4

1 file changed

Lines changed: 11 additions & 11 deletions


java/ql/src/experimental/Security/CWE/CWE-522-DecompressionBombs/DecompressionBomb.qhelp

@@ -3,26 +3,26 @@
33
"qhelp.dtd">
44
<qhelp>
55
<overview>
6-
<p>Extracting Compressed files with any compression algorithm like gzip can cause to denial of service attacks.</p>
7-
<p>Attackers can compress a huge file which created by repeated similiar byte and convert it to a small compressed file.</p>
6+
<p>Extracting Compressed files with any compression algorithm like gzip can cause a denial of service attacks.</p>
7+
<p>Attackers can create a huge file by just repeating a single byte and compress it to a small file.</p>
88

99
</overview>
1010
<recommendation>
1111

12-
<p>When you want to decompress a user-provided compressed file you must be careful about the decompression ratio or read these files within a loop byte by byte to be able to manage the decompressed size in each cycle of the loop.</p>
12+
<p>When decompressing a user-provided compressed file, verify the decompression ratio or decompress the files within a loop byte by byte to be able to manage the decompressed size in each cycle of the loop.</p>
1313

1414
</recommendation>
1515
<example>
1616

1717
<p>
18-
Reading uncompressed ZipFile within a loop and check for a Threshold size in each cycle.
19-
</p>
20-
<sample src="example_good.java"/>
18+
In the following example, the decompressed file size is not checked before decompression, exposing the application to a denial of service.
19+
</p>
20+
<sample src="example_bad.java" />
2121

22-
<p>
23-
An Unsafe Approach can be this example which we don't check for uncompressed size.
24-
</p>
25-
<sample src="example_bad.java" />
22+
<p>
23+
A better approach is shown in the following example, where a ZIP file is read within a loop and a size threshold is checked every cicle.
24+
</p>
25+
<sample src="example_good.java"/>
2626

2727
</example>
2828
<references>
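Review bot: the rewritten `<recommendation>` paragraph still describes the defence imprecisely. "Verify the decompression ratio" cannot be done before inflating, and the uncompressed size advertised in a ZIP entry's header is attacker-controlled, so the only reliable check is a running count of the bytes actually returned by the decompressor, compared against a threshold per entry and across all entries. "Byte by byte" is also not what the good example needs; reading into a fixed-size buffer and adding the returned length to the counter on each cycle is sufficient and much cheaper. Suggest: "When decompressing user-provided data, do not trust the size declared in the archive; count the bytes actually produced by the decompressor and abort once a threshold is exceeded." Smaller points in the same hunk: the new `<overview>` sentence should read "can cause a denial of service attack" (not "a denial of service attacks"), and the second `<example>` paragraph has "cicle" for "cycle".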
@@ -31,7 +31,7 @@ An Unsafe Approach can be this example which we don't check for uncompressed siz
3131
<a href="https://github.com/advisories/GHSA-47vx-fqr5-j2gw">CVE-2022-4565</a>
3232
</li>
3333
<li>
34-
<a href="https://www.bamsoftware.com/hacks/zipbomb/">A great research to gain more impact by this kind of attacks</a>
34+
David Fifield: <a href="https://www.bamsoftware.com/hacks/zipbomb/">A better zip bomb</a>.
3535
</li>
3636

3737
</references>
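Review bot: the reference list still omits the CWE entry for this weakness; decompression bombs are CWE-409 (Improper Handling of Highly Compressed Data), which is worth linking here, not least because the query lives under a directory named CWE-522, a different weakness (Insufficiently Protected Credentials). Giving the Fifield link its actual title is the right change; for consistency the preceding entry could use the same form, for example "GitHub Advisory GHSA-47vx-fqr5-j2gw (CVE-2022-4565)", rather than a bare identifier as link text.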
