XMPP/Jabber clients DoS vulnerability report

Ethan Blanton elb at pidgin.im
Fri Feb 12 10:49:52 EST 2010

Mark Doliner spake unto us the following wisdom:
> On Wed, Feb 10, 2010 at 6:25 AM, Ethan Blanton <elb at pidgin.im> wrote:
> > Mark Doliner spake unto us the following wisdom:
> >> How does the attached patch look to people?  It sets a limit of 200
> >> smileys per GtkIMHtml by keeping a counter using g_object_get_data and
> >> g_object_set_data.  200 is fairly arbitrary.  My computer can handle
> >> more, but my computer is fairly fast.  I suspect some of our users will
> >> hit the 200 limit because, well, you know our users :-), but I also
> >> suspect that 200 is more than enough for any reasonable conversation.
> >
> > Does each smiley rendering become progressively slower, or something?
> > I would be inclined to account this per-IM, not per-IMHtml.  If an
> > IMHtml is getting generally slow, people have time to close the window
> > and open a new one; if a single IM is loaded up with smileys and
> > unusably slow, that's a different matter.
> I'm not sure if each smiley rendering becomes progressively slower.  I
> feel like it might, but I didn't look at the code very closely.  It
> does seem like the slowness happens when adding the smileys to the
> GtkText, so having a per-IM limit might be sufficient.  What if we had
> both?  Maybe a limit of 500 smileys total and a limit of 15 per call
> to gtk_imhtml_insert_html_at_iter?  I haven't tried the smaller limit,
> so it may not be easy.

My inclination is to not limit the conversation total, as people who
leave their conversations open for long periods of time will hit the
limit and have no idea why.  Per-IM sort of has this problem, too, but
it's not something which will arbitrarily crop up at some time and
never go away, if you know what I mean.

Maybe I overanalyze.


The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
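
The trade-off debated above, as an added example that is not part of the original message and is not Pidgin code: a stand-alone C model comparing a per-message smiley budget with a cumulative per-widget one. The limits 15 and 500 are the figures floated in the thread; `struct conv`, `insert_message` and the `:)` scanner are hypothetical stand-ins, not GtkIMHtml APIs.

```c
#include <stdio.h>
#include <string.h>

/* Limits floated in the thread; macro and function names are hypothetical. */
#define PER_MESSAGE_LIMIT 15
#define PER_WIDGET_LIMIT  500

struct conv { int widget_total; };  /* stand-in for one conversation widget */

/* Scan msg for ":)" and count how many would be rendered as images.
 * Tokens past the active limit stay as plain text; the message is kept.
 * use_widget_cap != 0: cumulative budget; otherwise reset on every call. */
static int insert_message(struct conv *c, const char *msg, int use_widget_cap)
{
    int rendered = 0;
    for (const char *p = strstr(msg, ":)"); p; p = strstr(p + 2, ":)")) {
        int capped = use_widget_cap ? c->widget_total >= PER_WIDGET_LIMIT
                                    : rendered >= PER_MESSAGE_LIMIT;
        if (capped) break;
        rendered++;
        c->widget_total++;
    }
    return rendered;
}

/* n ordinary two-smiley messages, then one more; result is for the last one. */
static int last_after_chatter(int n, int use_widget_cap)
{
    struct conv c = {0};
    for (int i = 0; i < n; i++)
        insert_message(&c, "hi :) ok :)", use_widget_cap);
    return insert_message(&c, "bye :) :)", use_widget_cap);
}

/* One constructed hostile message holding n smileys (n clamped to 4096). */
static int flood(int n, int use_widget_cap)
{
    static char buf[2 * 4096 + 1];
    struct conv c = {0};
    if (n > 4096) n = 4096;
    for (int i = 0; i < n; i++) memcpy(buf + 2 * i, ":)", 2);
    buf[2 * n] = '\0';
    return insert_message(&c, buf, use_widget_cap);
}

int main(void)
{
    printf("flood: per-message %d, per-widget %d\n", flood(1000, 0), flood(1000, 1));
    printf("long chat: per-message %d, per-widget %d\n",
           last_after_chatter(300, 0), last_after_chatter(300, 1));
    return 0;
}
```

With the cumulative budget, a long-lived benign conversation eventually stops rendering smileys for good, while the per-message budget bounds the work any single incoming message can cause and leaves later messages unaffected.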