On Wed, Dec 11, 2013 at 3:13 PM, Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> wrote:
As far as I understand, that size assumption is only enforced on systems without alloca, using an assert. On systems with alloca there is no such check. In both cases, it seems to be easy to abuse them for a denial of service. I think it would be better for these functions to fail rather than abort() if parameters are out of the supported range.
A fix that could suit the master branch is attached. That adds the possibility to return an error if the maximum sizes are exceeded. For 2.7.x, though, this can be handled by an abort, which is less than ideal, as it looks trivial to exploit for DoS. Even worse, nettle_mpz_set_str_256*() does not enforce the maximum limits on big numbers and doesn't even have the ability to return an error.
The patch is pretty ugly because it introduces unused variables, but I couldn't think of a cleaner way to fix that.
Any other ideas on how the issue can be gracefully solved (especially in the 2.7 branch)?
regards, Nikos
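As an added illustration (not nettle's code and not the attached patch), this is the shape of the "fail instead of abort" check the mail asks for, in a hypothetical set_str_256-style routine that unpacks a big-endian byte string into 32-bit limbs; TMP_MAX_LIMBS, unpack_be_checked() and the sample inputs are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the fixed maximum of a TMP_DECL()-style
   temporary buffer (not nettle's actual value). */
#define TMP_MAX_LIMBS 64

/* Converts a big-endian byte string into little-endian 32-bit limbs.
   Instead of assert()ing on the size contract (which aborts the process,
   or silently disappears on alloca builds), it refuses oversized input
   and returns -1 so the caller can fail gracefully. On success it
   returns the number of limbs written. */
int unpack_be_checked(uint32_t *limbs, size_t limbs_avail,
                      const uint8_t *src, size_t len)
{
  size_t n = (len + 3) / 4;           /* limbs needed, rounding up */

  /* Enforce the maximum before any buffer is touched, on every build. */
  if (n > TMP_MAX_LIMBS || n > limbs_avail)
    return -1;

  uint32_t tmp[TMP_MAX_LIMBS];        /* fixed-size scratch, never sized by len */
  for (size_t i = 0; i < n; i++)
    tmp[i] = 0;

  /* Walk from the last byte so src[len-1] becomes the low byte of limb 0. */
  for (size_t i = 0; i < len; i++)
    tmp[i / 4] |= (uint32_t)src[len - 1 - i] << (8 * (i % 4));

  for (size_t i = 0; i < n; i++)
    limbs[i] = tmp[i];
  return (int)n;
}

/* Constructed sample inputs: a 5-byte number and an input one byte past the limit. */
static const uint8_t SAMPLE_BE[5] = {0x01, 0x02, 0x03, 0x04, 0x05};
static const uint8_t OVERSIZED[4 * TMP_MAX_LIMBS + 1] = {0};

int main(void)
{
  uint32_t out[4];
  int n = unpack_be_checked(out, 4, SAMPLE_BE, sizeof SAMPLE_BE);
  printf("limbs=%d low=0x%08x high=0x%08x\n", n, out[0], out[1]);
  printf("oversized -> %d\n", unpack_be_checked(out, 4, OVERSIZED, sizeof OVERSIZED));
  return 0;
}
```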