Protocol Buffers ContextRule allowed_request_extensions materialization DoS PoC

This repository contains a benign security research PoC for a protobuf binary artifact that drives large repeated-string materialization during google.api.context_pb2.ContextRule.ParseFromString(...).

Files:

  • control_one_selector.pb
  • malicious_allowed_request_extensions_5000000.pb
  • reproduce.py

Observed behavior:

  • control artifact:
    • parses successfully with zero allowed_request_extensions
  • malicious artifact:
    • both files are 10,000,000 bytes
    • parses successfully with 5,000,000 allowed_request_extensions entries
    • increases peak RSS by about 200000 kB in local clean-process replay
    • takes about 14.56x the control parse time

Tested runtime:

  • protobuf==7.35.1
  • Python: /usr/bin/python3

Public files:

  • https://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/control_one_selector.pb
  • https://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/malicious_allowed_request_extensions_5000000.pb
  • https://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/reproduce.py

Reproduction:

python3 reproduce.py
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support