You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Nervos CKB Snappy decompress length can be very large and causes out of memory error
High severity
GitHub Reviewed
Published
Aug 12, 2020
in
nervosnetwork/ckb
•
Updated Feb 3, 2024
Adversary can create message which compressed size is less than the package limit but the decompressed length is very large such as 1G. It will cost the node many memories to process the network messages, and on the system with less than 1G memory, the process is killed directly because of out of memory error.
Patches
The node must check the decompress length before allocating the memory for the message.
quake Analyst
Impact
Adversary can create message which compressed size is less than the package limit but the decompressed length is very large such as 1G. It will cost the node many memories to process the network messages, and on the system with less than 1G memory, the process is killed directly because of out of memory error.
Patches
The node must check the decompress length before allocating the memory for the message.
References
References