Re: Preventing Denial of Service Attack In IPC Serialization
On 2007-05-27, Le Chaud Lapin <jaibuduvin@gmail.com> wrote:
very large number, say, 100,000,000. The target will unwittingly
invoke:
char *buffer = new char[100000000];
The attempt to allocate will either succeed or fail. If it succeeds,
100MB of virtual memory will be lost, which is, in a sense, worse than
if it fails.
-cut-
What then can I do to stop this problem?
Leave the decision to the user. Make the user to implement function
with a signature like
void *allocate(int type, int nitems, int size);
where type is the object type being allocated (list, simple struct, ...),
nitems is the number of child items (if applies to the given type), and
size is the number of bytes to be allocated in this call. So the user
can collect statistics on each individual allocation type if he cares
about memory usage (and has the opportunity to say at some point "enough!"
by returning NULL pointer), or (if he's lazy) he can just implement it like
void *allocate(int, int, int size)
{
return malloc(size);
}
Or, as others have suggested, cryptography. You don't need DSIG, I believe
that a HMAC would be sufficient.
--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]