URL:
<http://gna.org/bugs/?13031>
Summary: Malicious map WML can hang Wesnoth / exhaust system
memory
Project: Battle for Wesnoth
Submitted by: dfranke
Submitted on: Friday 02/20/2009 at 10:02
Category: Bug
Severity: 6 - Security
Priority: 5 - Normal
Item Group: None of the others
Status: None
Privacy: Private
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: 1.5.10+svn
Operating System: Linux
_______________________________________________________
Details:
Although the Wesnoth map editor does not allow creating maps larger than
200x200, no size check is performed when loading an already-created map. A
one-by-ten-million map occupies only a few tens of megabytes on disk, gzips
down to a few tens of kilobytes (if it is all one terrain), but when opened
in Wesnoth will hang it for several minutes and consume tens of gigabytes of
memory. Particularly since networked multiplayer games maps are sent gzipped
over the wire, this permits clients to DoS each other by hosting games with
enormous maps, or by uploading such maps to the campaign server.
_______________________________________________________
Reply to this item at:
<http://gna.org/bugs/?13031>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
_______________________________________________
Wesnoth-bugs mailing list
[email protected]
https://mail.gna.org/listinfo/wesnoth-bugs
