| tags: | |
| - security | |
| - proof-of-concept | |
| - protobuf | |
| license: mit | |
| # Protocol Buffers GeneratedCodeInfo.Annotation path materialization DoS PoC | |
| This repository contains a benign security research PoC for a `.pb` artifact | |
| that drives repeated-scalar materialization during | |
| `descriptor_pb2.GeneratedCodeInfo.Annotation.ParseFromString(...)`. | |
| Files: | |
| - `control_one_source_file.pb` | |
| - `malicious_path_5000000.pb` | |
| - `reproduce.py` | |
| Observed behavior: | |
| - control artifact: | |
| - parses successfully with one `source_file` | |
| - malicious artifact: | |
| - parses successfully with `5,000,000` `path` integers | |
| - materially increases peak RSS during normal parse | |
| Tested runtime: | |
| ```bash | |
| python3 -m pip install protobuf==7.35.1 | |
| ``` | |
| Public reproduction: | |
| ```bash | |
| curl -L -O https://huggingface.co/hacnho/protobuf-generatedcodeinfo-annotation-path-dos-poc/resolve/main/control_one_source_file.pb | |
| curl -L -O https://huggingface.co/hacnho/protobuf-generatedcodeinfo-annotation-path-dos-poc/resolve/main/malicious_path_5000000.pb | |
| curl -L -O https://huggingface.co/hacnho/protobuf-generatedcodeinfo-annotation-path-dos-poc/resolve/main/reproduce.py | |
| python3 reproduce.py --control control_one_source_file.pb --malicious malicious_path_5000000.pb | |
| ``` | |