GHSA-ffj4-jq7m-9g6v

Описание

Summary

GuardDog's safe_extract() function does not validate decompressed file sizes when extracting ZIP archives (wheels, eggs), allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data.

Vulnerability Details

Affected Component: guarddog/utils/archives.py - safe_extract() function
Vulnerability Type: CWE-409 - Improper Handling of Highly Compressed Data (Zip Bomb)
Severity: HIGH (CVSS ~8)
Attack Vector: Network (malicious package uploaded to PyPI/npm) or local

Root Cause

The safe_extract() function handles TAR files securely using the tarsafe library, but ZIP file extraction has no size validation:

Missing protections:

• ❌ No decompressed size limit
• ❌ No compression ratio validation
• ❌ No file count limits
• ❌ No total extracted size validation

Impact

Denial of Service Scenarios

1. CI/CD Pipeline Disruption

• Attacker publishes malicious package to PyPI
• Developer adds package to requirements.txt
• CI/CD runs GuardDog scan
• Disk fills (GitHub Actions: standard 14GB limit)
• All deployments blocked

2. Resource Exhaustion

• Local development environments
• Security scanning infrastructure
• Automated scanning systems
• Docker containers with limited disk

3. Supply Chain Attack Amplification

• Single malicious package blocks security scanning
• Prevents detection of other malicious packages
• Forces manual intervention
• Increases security team workload

Recommended Fix

Add size validation for ZIP files similar to what tarsafe provides for TAR files

Configuration Options

Make limits configurable via environment variables or config file

Additional Improvements

1. Add warning logs when archives approach limits
2. Provide clear error messages for users
3. Document limits in user-facing documentation
4. Add tests for zip bomb detection
5. Consider using a safe ZIP library (similar to tarsafe)

Credit

Reported by: Charbel (dwbruijn)