| tags: | |
| - security | |
| - proof-of-concept | |
| - protobuf | |
| license: mit | |
| # Protocol Buffers Value struct_value.fields materialization DoS PoC | |
| This repository contains a benign security research PoC for a `.pb` artifact | |
| that drives repeated map-entry materialization during | |
| `struct_pb2.Value.ParseFromString(...)`. | |
| Files: | |
| - `control_one_struct_value.pb` | |
| - `malicious_struct_value_fields_1400000.pb` | |
| - `reproduce.py` | |
| Observed behavior: | |
| - control artifact: | |
| - parses successfully with one `struct_value` field | |
| - malicious artifact: | |
| - parses successfully with `1,400,000` nested struct fields | |
| - materially increases peak RSS during normal parse | |
| Tested runtime: | |
| ```bash | |
| python3 -m pip install protobuf==7.35.1 | |
| ``` | |