Protocol Buffers ContextRule allowed_request_extensions materialization DoS PoC
This repository contains a benign security research PoC for a protobuf binary
artifact that drives large repeated-string materialization during
google.api.context_pb2.ContextRule.ParseFromString(...).
Files:
control_one_selector.pbmalicious_allowed_request_extensions_5000000.pbreproduce.py
Observed behavior:
- control artifact:
- parses successfully with zero
allowed_request_extensions
- parses successfully with zero
- malicious artifact:
- both files are
10,000,000bytes - parses successfully with
5,000,000allowed_request_extensionsentries - increases peak RSS by about
200000 kBin local clean-process replay - takes about
14.56xthe control parse time
- both files are
Tested runtime:
protobuf==7.35.1- Python:
/usr/bin/python3
Public files:
https://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/control_one_selector.pbhttps://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/malicious_allowed_request_extensions_5000000.pbhttps://huggingface.co/hacnho/protobuf-contextrule-allowed-request-extensions-dos-poc/resolve/main/reproduce.py
Reproduction:
python3 reproduce.py
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support