1
91%
master: 89%

Ran 22 Sep 2014 05:18PM UTC

Files 52

Run time 22s

Badge

Embed ▾

Committed 22 Sep 2014 05:16PM UTC coverage: 90.947%. Remained the same

Job # SKIP_VIRUS_SCAN=1 SKIP_SPLINTER_TESTS=1 MONGO_REPLICA_SET=''

Build Type

push

travis-ci

Committed by

jabley

Commit Message

Defend against zip bombs

A zip bomb is a specially crafted file which expands to take up large
amounts of CPU time, disk space or memory.

The most well-known example of this is the 42.zip which is a zip file
consisting of 42 kilobytes of compressed data, containing five layers of
nested zip files in sets of 16, each bottom layer archive containing a
4.3 gigabyte (4 294 967 295 bytes; ~ 3.99 GiB) file for a total of 4.5
petabytes (4 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed
data.

Since we allow upload of gzip-compressed requests, we should defend
against malicious attacks like that.

This change adds a SafeGzipDecompressor which can be configured with a
max buffer size to use, and thus limits the amount of memory that we
permit a single upload to use.

gzip bomb created by 

```
$ dd if=/dev/zero bs=1024 count=102400 | gzip > gzip-bomb.gz
```

That creates an empty file full of zeros, which is 100M uncompressed,
but compressed down to a 100K gzip file.

Run Details

1768 of 1944 relevant lines covered (90.95%)

0.91 hits per line

alphagov / backdrop / 1937 / 1
91%
master: 89%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 1937.1 (SKIP_VIRUS_SCAN=1 SKIP_SPLINTER_TESTS=1 MONGO_REPLICA_SET='')

alphagov / backdrop / 1937 / 1 91% master: 89%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 1937.1 (SKIP_VIRUS_SCAN=1 SKIP_SPLINTER_TESTS=1 MONGO_REPLICA_SET='')

alphagov / backdrop / 1937 / 1
91%
master: 89%

README BADGES
x