New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some OOM problem was found in rhino #1427
Comments
Is this the problem that Rhino should fix? import org.mozilla.javascript.ast.Block;
public class Rhino_OOM {
public static void main(String[] args) {
Block block = new Block();
block.addChild(block);
System.out.println(block.toSource());
}
} |
Why is this a security issue? DoS? This is my opinion, but it is not a security issue that Rhino users can trigger OOM. If there is a service created by a Rhino user, and the service user of that service can trigger OOM in a way that is not intended by the Rhino user, could be a security issue in Rhino. |
* limit the length of the string to be used for indentation * use a cache of precalculated strings instead of generating new ones over and over again This addresses #1427
description
When I test the latest version(1.7.14) of rhino by CIFuzz,OOM security issue was found when use the follow apis,may cause denial of service issues in applications when use unlimited:
pom
code
analysis
All of these apis are Unlimited concatenation strings, a large amount of memory is consumed and may occurs OOM.
The text was updated successfully, but these errors were encountered: