oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: sagemath denial of service with abort() in gmp: overflow in mpz type

From: Russ Allbery <eagle () eyrie org>
Date: Tue, 06 Sep 2022 09:14:46 -0700
Georgi Guninski <gguninski () gmail com> writes:


If you can crash the python interpreter without syscalls and without
the kernel killing it for OOM, would you call this DoS?


I would only call it a DoS if it crosses a privilege boundary.  A user can
always DoS themselves; that's just Ctrl-C.  :)

The implication here may be that it's unsafe to use sagemath on untrusted
input, and that by doing so one creates a DoS opportunity.  This would be
far (far!) from the only tool for which that's true, and thus not
particularly exciting, but possibly an opportunity for better
documentation.  (One could also reasonably desire that sagemath was safe
for use with untrusted input as a feature, but that can be a surprisingly
difficult feature to implement.)

-- 
Russ Allbery (eagle () eyrie org)             <https://www.eyrie.org/~eagle/>
Previous By Date Next
Previous By Thread Next

Current thread: