ietf-822
[Top] [All Lists]

Re: gzip-8bit

2003-02-28 05:15:37

In <200302272326(_dot_)52237(_at_)sendmail(_dot_)mutz(_dot_)com> Marc Mutz 
<mutz(_at_)kde(_dot_)org> writes:

So there you have a nice DoS attack: send a 1M message with all "a"s and=20
deflate-8bit to someone you don't like and see his box grind to a halt=20
under the memory pressure of a 1G attachment....

One of the features of YEnc IIRC (and it had many "features") was an
indication near the beginning of the total length in bytes. In the case of
a compressed stream, of course, that should be the uncompressed length so
that implementations can detect early on that the length exceeds the "house
limit" and abandon the decoding.

The Encoding we are discussing is intended for use with seriously large
files. It would be nice also if some machinery could be brought in at the
same time to enable advance computation of the total length of a
message/partial (or something in lieu of message/partial).

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clw(_dot_)cs(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 
Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

<Prev in Thread] Current Thread [Next in Thread>