diff options
author | Сергей Прохоров <seriy.pr@gmail.com> | 2015-01-19 05:06:53 +0300 |
---|---|---|
committer | Сергей Прохоров <seriy.pr@gmail.com> | 2015-02-12 21:44:11 +0300 |
commit | b24651c3bb6fef59c0e92c24e69151d1a92c4b08 (patch) | |
tree | b69a6e2e6a5ffbf3c1d73d4d0170df40c1982273 /erts/doc/src | |
parent | 50a92094372b45c9864afe3418b79605da549122 (diff) | |
download | otp-b24651c3bb6fef59c0e92c24e69151d1a92c4b08.tar.gz otp-b24651c3bb6fef59c0e92c24e69151d1a92c4b08.tar.bz2 otp-b24651c3bb6fef59c0e92c24e69151d1a92c4b08.zip |
Add zlib limited output buffer size functionality
This functionality may be useful for compressed streams with high
compression ratio (in case of gzip it may be up to x1000), when
small amount of compressed data will produce large amount of
uncompressed output. This may lead to DoS attacks, because
server easily goes out of memory.
Example of such high compression ratio stream:
```
dd if=/dev/zero of=sparse.bin bs=1MB count=100 # 100mb of zeroes
gzip sparse.bin # 95kb sparse.bin.gz
$ erl
> {ok, Compressed} = file:read_file("sparse.bin.gz"),
> 97082 = size(Compressed),
> Uncompressed = zlib:gunzip(Compressed),
> 100000000 = iolist_size(Uncompressed).
```
Diffstat (limited to 'erts/doc/src')
-rw-r--r-- | erts/doc/src/zlib.xml | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/erts/doc/src/zlib.xml b/erts/doc/src/zlib.xml index da8ccdecdf..673b743e2e 100644 --- a/erts/doc/src/zlib.xml +++ b/erts/doc/src/zlib.xml @@ -312,6 +312,53 @@ list_to_binary([B1,B2])</pre> </desc> </func> <func> + <name name="inflateChunk" arity="2"/> + <fsummary>Decompress data with limited output size</fsummary> + <desc> + <p>Like <c>inflate/2</c>, but decompress no more data than + will fit in the buffer configured via <c>setBufSize/2</c>. + Is is useful when decompressing a stream with a high compression + ratio such that a small amount of compressed input may expand up to + 1000 times. + It returns <c>{more, Decompressed}</c>, when there is more output + available, and <c>inflateChunk/1</c> should be used to read it. + It may introduce some output latency (reading + input without producing any output).</p> + <p>If a preset dictionary is needed at this point (see + <c>inflateSetDictionary</c> below), <c>inflateChunk/2</c> throws a + <c>{need_dictionary,Adler}</c> exception where <c>Adler</c> is + the adler32 checksum of the dictionary chosen by the + compressor.</p> + + <pre> +walk(Compressed, Handler) -> + Z = zlib:open(), + zlib:inflateInit(Z), + % Limit single uncompressed chunk size to 512kb + zlib:setBufSize(Z, 512 * 1024), + loop(Z, Handler, zlib:inflateChunk(Z, Compressed)), + zlib:inflateEnd(Z), + zlib:close(Z). + +loop(Z, Handler, {more, Uncompressed}) -> + Handler(Uncompressed), + loop(Z, Handler, zlib:inflateChunk(Z)); +loop(Z, Handler, Uncompressed) -> + Handler(Uncompressed). + </pre> + </desc> + </func> + <func> + <name name="inflateChunk" arity="1"/> + <fsummary>Read next uncompressed chunk</fsummary> + <desc> + <p>Read next chunk of uncompressed data, initialized by + <c>inflateChunk/2</c>.</p> + <p>This function should be repeatedly called, while it returns + <c>{more, Decompressed}</c>.</p> + </desc> + </func> + <func> <name name="inflateSetDictionary" arity="2"/> <fsummary>Initialize the decompression dictionary</fsummary> <desc> |